Kia Motors America: Ransomware Not Behind Extended Systems Outage

/in


Kia Motors America stated that a ransomware attack was not the apparent cause of an extended systems outage affecting the automobile dealer’s IT systems. It all started with an error message…

According to Bleeping Computer, the outage started on February 13 when the Kia Owners Portal went offline and displayed the following error message:

We are currently experiencing an IT service outage that has impacted some internal networks. Our customers are our top priority, and we are working to resolve the issue quickly.

The Kia Owners Portal is a platform where owners of Kia automobiles can book an appointment with a dealer, store their insurance and/or registration information and more.

Bleeping Computer confirmed in its reporting that the outage affected the phone self-help services operated by Kia Motors America, a subsidiary of Kia Motors Corporation headquartered in Irvine, California. Those services informed callers that unspecified server issues might undermine the company’s ability to provide customer support. 

The outage also affected customers’ ability to use the Kia Access with UVO Link, UVO eServices and Kia Connect mobile apps, the customer self-help website wrote. In a statement provided to Bleeping Computer, the automobile dealer did not provide any details about the cause of the outage:

KMA is aware of IT outages involving internal, dealer and customer-facing systems, including UVO. We apologize for any inconvenience to our customers and are working to resolve the issue and restore normal business operations as quickly as possible.

On February 16, however, a user tweeted out that they had attempted to pick up their car from one of the 800 dealerships operated by Kia Motors when a manager informed them that they couldn’t drive their car off the lot that day because a ransomware attack had knocked some of Kia’s computer systems offline:

kia-blog-screenshot

The following day, Bleeping Computer received what appeared to be a ransom note from the DoppelPaymer ransomware group indicating that the gang had successfully attacked Hyundai Motor America, Kia’s parent company.

In their ransom message, the attackers asserted that they had stolen a “huge amount” of data from Kia…

Source…