APT32 - Vietnam-based Advanced Persistent Threat group have repeatedly targeted automotive companies this year. Also threat intelligence and cyber attack response services company Crowdstrike attributed attacks on automotive targets in their October report to APT32.
APT32 has been most likely behind a security breach of multiple Toyota and Lexus sales subsidiaries, which resulted in exposure of the personal info of around 3.1 million Toyota customers.
In a more recent campaign two companies have been targeted - South Korean Hyundai and German BMW. In the case of BMW, the company discovered back in the spring of 2019 that a group of hackers have infiltrated their systems. The manufacturer decided to control and monitor the attackers to determine their aim and behaviour until last week, when they blocked the hackers' access to the network. According to BMW, no sensitive information has been accessed and the headquarters were not compromised.