General Motors Company Cyber Security Posture
gm.comGeneral Motorsโ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the safer, better and more sustainable world we want. As an open, inclusive company, weโre also creating an environment where everyone feels welcomed and valued for who they are. One team, where all ideas are considered and heard, where everyone can contribute to their fullest potential, with a culture based in respect, integrity, accountability and equality. Our team brings wide-ranging perspectives and experiences to solving the complex transportation challenges of today and tomorrow. For information on the GM Privacy Statement, please visit http://www.gm.com/privacy-statement.html
General Motors Company Details
general-motors
99531 employees
3326195.0
336
Motor Vehicle Manufacturing
gm.com
2280
GEN_2340968
In-progress
General Motors Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
General Motors Global Score.png)
General Motors Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
General Motors Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| General Motors | Cyber Attack | 90 | 4 | 04/2022 | GEN13536622 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: American automaker General Motors was targeted in a credential stuffing attack in April 2022 after it noticed malicious login activity to customersโ accounts. The attackers accessed customersโ personally identifiable information (PII) and redeemed reward points for gift cards. The company deactivated the reward feature and notified the customers and law enforcement authorities and asked its customers to reset their passwords and monitor their credit reports for potential fraud. | |||||||
| General Motors | Cyber Attack | 100 | 5 | 3/2025 | GEN452032725 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: General Motors faces significant financial repercussions due to the newly implemented 25% tariffs on vehicles and auto parts, which directly affect this major automaker more so than its competitors. Being heavily invested in production facilities in Mexico and Canada, GM's extensive reliance on these regions for manufacturing results in a sizeable portion of its portfolioโ55% of vehicles sold in the U.S.โbeing subject to the tariffs. This situation could lead to increased vehicle costs, reduced market competitiveness, and potential sales declines due to higher consumer prices. The financial hit is exacerbated by the intertwined nature of the auto industry's supply chain and could further lead to strategic shifts in production or sourcing decisions. | |||||||
General Motors Company Subsidiaries
General Motorsโ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the safer, better and more sustainable world we want. As an open, inclusive company, weโre also creating an environment where everyone feels welcomed and valued for who they are. One team, where all ideas are considered and heard, where everyone can contribute to their fullest potential, with a culture based in respect, integrity, accountability and equality. Our team brings wide-ranging perspectives and experiences to solving the complex transportation challenges of today and tomorrow. For information on the GM Privacy Statement, please visit http://www.gm.com/privacy-statement.html
Access Data Using Our API
Get company history
Rapid.png)
General Motors Cyber Security News
OT cybersecurity challenges: Q&A with Rob Larsen
The security adviser at Silverfort weighs in on the convergence of OT and how it's reshaping cybersecurity, why manufacturing is so oftenย ...
Automakers meet growing data privacy challenges, experts say
Automakers face growing data privacy challenges, experts say. A Federal Trade Commission crackdown and lawsuit against GM show automakers areย ...
GM CEO Mary Barra on the politics of EVs, the future of AVs, and moving away from China
โI never thought the propulsion of a vehicle would become a political issue,โ GM chairman and CEO Mary Barra said onstage at TechCrunch Disruptย ...
Millions of General Motors' cars were vulnerable to hackers for almost five years
The car-hacking attack saw the Impala's OnStar computer system contacted via a phone call, and an MP3 file of different tones played to bamboozle the software,ย ...
SWOT Analysis of General Motors (Updated 2025)
1. Strong Brand Portfolio. General Motors is proud of its broad portfolio of historic car brands, including Chevrolet, GMC, Buick,ย ...
General Motors users info affected in data breach
U.S. automobile manufacturer General Motors (GM) has alerted customers of a data breach due to a credential stuffing attack last month.
General Motors, Red Hat Collaboration Geared Toward Accelerating Software-Defined Vehicles
Software-defined vehicles receive jumpstart with General Motors, Red Hat collaboration.
Automotive Cybersecurity | Jeff Massimilla Leads GM Activities
A hacker figured a way last year to slip through the security of the automaker's RemoteLink app, which operates through GM's OnStar telematicsย ...
GM's cybersecurity chief appointed to federal advisory group
Washington โ General Motors Co. Chief Cybersecurity Officer Kevin Tierney has been appointed to a panel within the U.S. Department of Homelandย ...
General Motors Similar Companies
Volvo Cars
Everything we do starts with people. Our purpose is to provide freedom to move, in a personal, sustainable and safe way. We are committed to simplifying our customersโ lives by offering better technology solutions that improve their impact on the world and bringing the most advanced mobility innovat
Volvo Group
The Volvo Group is one of the worldโs leading manufacturers of trucks, buses, construction equipment and marine and industrial engines. The Group also provides complete solutions for financing and service. The Volvo Group, with its headquarters in Gothenburg, employs about 100,000 people, has produc
Hankook Tire
Hankook Tire & Technology drives persistent innovation to take a leap forward as a global top-tier company paving the way for the future of driving. Hankook Tire & Technology will transform itself into 'The Future Driving Innovator' that realizes future driving through persistent innovation. We a
Mercedes-Benz Research and Development India
Mercedes-Benz Research and Development India (MBRDI) is the largest research and development centre for Mercedes-Benz Group AG outside of Germany. With over 27 years of innovation, MBRDI is contributing towards building the worldโs most desirable cars, right here from India. Our mission - shape th
Motherson Group
Founded in 1975, Motherson is one of the worldโs leading auto component makers, supplying OEMs globally from over 350 facilities in 41 countries spread across five continents with over 180,000 employees. Within the automotive industry, it is one of the leading global manufacturers of exterior rear
Stellantis
Our storied and iconic brands embody the passion of their visionary founders and todayโs customers in their innovative products and services: they include Abarth, Alfa Romeo, Chrysler, Citroรซn, Dodge, DS Automobiles, Fiat, Jeepยฎ, Lancia, Maserati, Opel, Peugeot, Ram, Vauxhall and mobility brands Fre
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
General Motors CyberSecurity History Information
How many cyber incidents has General Motors faced?
Total Incidents: According to Rankiteo, General Motors has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at General Motors?
Incident Types: The types of cybersecurity incidents that have occurred incidents Cyber Attack.
What was the total financial impact of these incidents on General Motors?
Total Financial Loss: The total financial loss from these incidents is estimated to be $0.
How does General Motors detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through law enforcement notified with True and containment measures with Deactivated Reward Feature and remediation measures with Asked Customers to Reset Passwords and communication strategy with Notified Customers, Asked Customers to Monitor Credit Reports.
Incident Details
Can you provide details on each incident?
Incident : Cyber Attack
Title: General Motors Financial Repercussions Due to Tariffs
Description: General Motors faces significant financial repercussions due to the newly implemented 25% tariffs on vehicles and auto parts, which directly affect this major automaker more so than its competitors. Being heavily invested in production facilities in Mexico and Canada, GM's extensive reliance on these regions for manufacturing results in a sizeable portion of its portfolioโ55% of vehicles sold in the U.S.โbeing subject to the tariffs. This situation could lead to increased vehicle costs, reduced market competitiveness, and potential sales declines due to higher consumer prices. The financial hit is exacerbated by the intertwined nature of the auto industry's supply chain and could further lead to strategic shifts in production or sourcing decisions.
Type: Cyber Attack
Incident : Credential Stuffing
Title: Credential Stuffing Attack on General Motors
Description: American automaker General Motors was targeted in a credential stuffing attack in April 2022 after it noticed malicious login activity to customersโ accounts. The attackers accessed customersโ personally identifiable information (PII) and redeemed reward points for gift cards. The company deactivated the reward feature and notified the customers and law enforcement authorities and asked its customers to reset their passwords and monitor their credit reports for potential fraud.
Date Detected: April 2022
Type: Credential Stuffing
Attack Vector: Malicious Login Activity
Vulnerability Exploited: Customer Accounts
Motivation: Access PII, Redeem Reward Points for Gift Cards
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident?
Incident : Cyber Attack GEN452032725
Financial Loss: Significant
Operational Impact: Potential sales declines and strategic shifts in production or sourcing decisions
Incident : Credential Stuffing GEN13536622
Data Compromised: PII
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $0.00.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are PII.
Which entities were affected by each incident?
Incident : Credential Stuffing GEN13536622
Entity Type: Corporation
Industry: Automotive
Location: United States
Response to the Incidents
What measures were taken in response to each incident?
Incident : Credential Stuffing GEN13536622
Law Enforcement Notified: True
Containment Measures: Deactivated Reward Feature
Remediation Measures: Asked Customers to Reset Passwords
Communication Strategy: Notified Customers, Asked Customers to Monitor Credit Reports
Data Breach Information
What type of data was compromised in each breach?
Incident : Credential Stuffing GEN13536622
Type of Data Compromised: PII
Personally Identifiable Information: True
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Asked Customers to Reset Passwords.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through was Deactivated Reward Feature.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through were Notified Customers and Asked Customers to Monitor Credit Reports.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on April 2022.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was Significant.
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident was PII.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Deactivated Reward Feature.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was PII.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
