General Motors said that between April 11 and 29, 2022, there were suspicious logins to online customer accounts, which resulted in the unauthorized use of customers' reward points to redeem gifts.

The official announcement shows that this is an obvious hacker attack. Once the incident was discovered, Universal disabled the feature. However, the hackers still obtained information from the GM Online mobile application, including name, email address, mailing address, name associated with the account, phone number, point of interest collection, OnStar subscription, profile picture, search history, etc.

GM stated that although the amount of stolen information was large, more important information was still intact because it was not stored in customers' GM accounts. This information includes date of birth, social security card number, driver's license number, credit card and bank account number, etc.

In addition to suspending some functions, General Motors has notified affected customers that they will reset their passwords the next time they log in. At the same time, General Motors has submitted corresponding reports to law enforcement agencies.

Editor: Zhu Guanghua