Hyundai Capital announced last Friday they have been the victim of an ongoing network breach that has exposed sensitive client account information.
Early estimations indicated that the names, email addresses and telephone numbers of at least 420 thousand clients have been compromised.
Officials further suspect that the login credentials, financial information, and credit scores for as many as thirteen thousand accounts may also have been exposed.
Vice President Hwang Yoo-no said Sunday that there was “a possibility that some secret information was hacked, including customer passwords and credit ratings."
Hyundai Capital officials are reluctant to release any other information on the number of accounts and types of information breached until a thorough investigation has been conducted.
“We are conducting simulations to examine what types of additional damage there may be. I cannot give a definite answer, but we do not think there will be any additional effects,” said Hyundai Capital CEO Chung Tae-young.
The unauthorized access of the Hyundai Capital's networks is thought to have begun in February, and remained undetected by the company until they were apparently notified late last week via email of the breach by the hackers themselves.
“We only became aware of the hacking after receiving an email from a hacker at 9 a.m. last Thursday,” the company explained.
There are serious questions being raised about Hyundai Capital's primary and secondary efforts to secure their networks and protect against the exposure of sensitive information.
The Hyundai Capital announcement comes just one week after a major data loss event was announced at Epsilon, a third-party email marketing and service provider.
Epsilon, which contracts with some of largest retail and financial companies in the nation, reported that their systems experienced an unauthorized access event that has exposed the names and email addresses of the customers the company's clients serve.
While the total number of records stolen has not been determined, the list of companies whose client data has been exposed has now grown to more than fifty, putting the Epsilon breach in the running as being one of the largest data breaches on record.