Recent Data Breaches: Hyundai, NorthOne Bank, and Kodi

Data breaches have become widespread in the digital age, leaving companies and individuals at risk of cyber attacks.

Three high-profile companies – Hyundai, NorthOne Bank, and Kodi – recently experienced significant data breaches impacting customers. These incidents have raised concerns about potential identity theft.

This blog will provide specifics of each incident and examine the steps taken by the affected parties to resolve the situation.

Hyundai Takes Systems Offline to Investigate Data Breach

Hyundai has experienced a data breach affecting French and Italian car owners and customers who booked a test drive. The cyber attackers obtained unauthorized access to the individuals’ email addresses, physical addresses, telephone numbers, and vehicle chassis numbers. 

While financial data was not exposed, the exact number of affected individuals remains unclear. 

The data breach notification letter sent to impacted individuals advises them to be cautious about any contact attempts from Hyundai Italia or other entities of the Hyundai Group.

To address the issue, the company has taken impacted systems offline, hired external cybersecurity experts, and notified privacy watchdogs. 

The data breach is the latest in a series of incidents involving Hyundai, including a software flaw in February 2022 and a network breach by suspected hackers in December 2019. Additionally, vulnerabilities in the Hyundai Blue Link mobile app enabled hackers to locate, unlock, and start vehicles in April 2017.

NorthOne Bank’s Unprotected Database Leaks Over 1 Million Financial Records

A cybersecurity expert named Jeremiah Fowler discovered a database that was not password-protected and contained over one million financial records, including invoices from individuals and businesses who used an app to pay for their products and services. 

The records contained personal information such as names, email addresses, physical addresses, and phone numbers, as well as notes on the payment’s purpose, the total amount, and the due date, and some even had tax identification numbers. 

Further investigation revealed that the database belonged to NorthOne Bank, a financial technology company utilized by over 320,000 American businesses. NorthOne Bank is not a full-service bank and uses The Bancorp Bank for banking services, which is a member of the Federal Deposit Insurance Corporation (FDIC).

Criminals could use a business’s name or Employer Identification Number (EIN) to file fraudulent federal tax returns and apply for credit accounts or loans, leaving the business accountable for repaying and settling the debts. Early detection of business identity theft is crucial, as victims must demonstrate they did not authorize fraudulent accounts, which can still lead to a significant burden.

Kodi Software Rebuilds Forum Website After Data Breach of 400K Users

Kodi, a prominent maker of open-source home theater software, suffered a data breach that came to light last week. The incident occurred when a malicious actor advertised a dump of Kodi’s user forum, MyBB, on cybercrime forums in February 2023.

The hackers behind the breach posted data of 400,000 Kodi users on various hacker forums, including the recently shut-down BreachForums.

The attackers exploited a compromised inactive administrator account to gain access to the web-based MyBB admin console on two occasions – February 16 and 21. After intrusion, they created database backups and downloaded available nightly full backups. According to Kodi, the stolen backups include all public and staff forum posts, user messages, and user data, including usernames, email addresses, and encrypted passwords generated by the MyBB (v1.8.27) software.

Kodi had planned to rebuild its forum server before the breach, and on April 11, it confirmed that the rebuilding process was underway. The software developer is strengthening the security of the MyBB admin console by revising admin roles and improving audit logging and backup; it also is implementing a global password reset for users.

Kodi is sharing compromised email addresses with the Have I Been Pwned breach to ensure all users are notified of the data breach.

Mitigate Data Breaches with SOCRadar

SOCRadar searches the entire web for data exposure and alerts you so you can take action before breaches become destructive. SOCRadar can detect any exposed data relating to you on various hacker channels on the dark web, such as credentials, employee and customer PII, and financial information, by searching through many records in these channels.

You can also try SOCRadar Labs’ Account Breach to see if your information has been compromised in a breach.

Vulnerabilities often go unnoticed until it is too late, with threat actors always looking to access organizations’ systems and sensitive data by exploiting them. SOCRadar’s EASM (External Attack Surface Management) monitors your assets thoroughly and continuously to detect any vulnerabilities and send alarms, helping you manage them easily.