If Kia doesn't pay, the hackers will release the stolen data to the public.
UPDATE 3: Hyundai also responded to our request for comment. Like Kia, it is denying the allegations of a ransomware attack:
Hyundai Motor America is experiencing an IT outage affecting a limited number of customer-facing systems. Those systems are in the process of coming back online. We would like to thank our customers for their continued patience. At this time, we can also confirm that we have no evidence of Hyundai Motor America or its data being subject to a ransomware attack.
UPDATE 2: Kia responded with a statement regarding this issue:
Kia Motors America Statement Regarding IT Systems Outage – 2/18/21
Kia Motors America, Inc. (“Kia”) has been experiencing an extended systems outage since Saturday but can confirm that the UVO app and owner’s portal are now operational. We anticipate remaining primary customer-facing affected systems will continue to come back online within the next 24-48 hours, with our most critical systems first in line. We apologize for the inconvenience to affected customers, especially those impacted by winter storms, who felt the outage of our remote start and heating feature most acutely. Kia is wholly focused on fully resolving this issue and would like to thank our customers for their continued patience.
We are aware of online speculation that Kia is subject to a ransomware attack. At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack.
UPDATE: An anonymous tip to Motor1.com alleges that Hyundai dealership technicians are unable to access part of the system for using diagnostic equipment. This has allegedly been the case since Saturday, according to the person who contacted us.
We've contacted Hyundai and Kia with these new details for confirmation.
A group of hackers attacked Kia Motors America and subjected the automaker to ransomware that has allegedly shut down vital services like its UVO Link apps, payment system, and the sites that dealers use, according to Bleeping Computer. The hackers are requesting 404.5833 bitcoin to decrypt the data, and at current values, this is equivalent to $20,899,559.53. If Kia doesn't pay quickly enough, then the ransom increases to 600 bitcoin ($30,994,200).
Bleeping Computer also obtained the alleged ransom note that the hackers sent to Kia. The letter says that if Kia doesn't make any attempt to contact the attackers within three days that a portion of the obtained data would be made public. The demands doesn't specifically say what type of data that this hack stole.
Gallery: New Kia logo
Motor1.com reached out to Kia for info about the current status of this attack and the company's intention. In a statement to Bleeping Computer on February 17, the automaker denied that it was subject to ransomware. "We are also aware of online speculation that Kia is subject to a 'ransomware' attack. At this time, we can confirm that we have no evidence that Kia or any Kia data is subject to a 'ransomware' attack," the announcement said.
Something odd is that the letter addresses Hyundai Motor America, which is closely related to Kia. At this time, it doesn't seem that Hyundai is affected by the attack, but Motor1.com is reaching out to the automaker for confirmation.
As automakers use increasingly networked technology, hacks and ransomware attacks become a larger risk of disrupting their business. For example, ransomware in 2017 forced Renault to stop production in France temporarily, and Nissan had to do the same in the UK at the time.