Japanese car manufacturer Toyota recently confirmed an incident in which customer data was exposed through a security breach at a third-party provider. A hacker had previously published a 240 GB archive of stolen data on a hacker forum.
Toyota emphasized to BleepingComputer that it was not a system-wide security breach. A spokesperson for Toyota Motor North America later clarified that the company’s own systems were not compromised. Instead, the data was stolen from a third party that was misrepresented as Toyota. The company did not want to give any details about the third party.
According to the hacker group ZeroSevenGroup, which is responsible for the leak, the stolen data includes information about Toyota employees and customers, contracts and financial information, as well as details of the network infrastructure, including access data. The exact number of people affected has not yet been disclosed by Toyota.
Although Toyota did not give an exact date for the incident, investigations suggest that the files were created or stolen on December 25, 2022. This is not the first time Toyota has been confronted with data protection incidents. There have been several incidents in recent years, including a ransomware attack on Toyota Financial Services in Europe and Africa in December 2023 and the disclosure of location data of 2.15 million customers over a ten-year period, which became public in May 2023.
Toyota explained that it is in contact with those affected and will offer support if necessary. Following previous incidents, the company had already implemented an automated system to monitor cloud configurations and database settings in order to prevent similar leaks in the future.
Affected customers should remain vigilant and pay attention to official communications from Toyota. They are advised to change passwords and check their own accounts for suspicious activity.