Toyota confirmed that buyer knowledge was uncovered in a third-party data breach after a menace actor leaked an archive of 240GB of stolen knowledge on a hacking discussion board.
“We’re conscious of the scenario. The difficulty is proscribed in scope and isn’t a system large concern,” Toyota instructed BleepingComputer when requested to validate the menace actor’s claims.
The corporate added that it is “engaged with those that are impacted and can present help if wanted,” however has but to offer data on when it found the breach, how the attacker gained entry, and the way many individuals had their knowledge uncovered within the incident.
At some point later, a spokesperson clarified in a brand new assertion shared with BleepingComputer that Toyota Motor North America’s programs have been “not breached or compromised,” and the information was stolen from what seems to be “a third-party entity that’s misrepresented as Toyota.”
When requested to share the title of the breached third-party entity, the spokesperson stated that Toyota Motor North America was “not at liberty to reveal” that data.
Worker and buyer knowledge uncovered
ZeroSevenGroup (the menace actor who leaked the stolen knowledge) says they breached a U.S. department and have been capable of steal 240GB of information with data on Toyota staff and prospects, in addition to contracts and monetary data,
In addition they declare to have collected community infrastructure data, together with credentials, utilizing the open-source ADRecon instrument that helps extract huge quantities of data from Lively Listing environments.
“We have now hacked a department in United States to one of many largest automotive producer on the earth (TOYOTA). We’re actually glad to share the information with you right here free of charge. The info measurement: 240 GB,” the menace actor claims.
“Contents: Every thing like Contacts, Finance, Prospects, Schemes, Workers, Images, DBs, Community infrastructure, Emails, and a variety of good knowledge. We additionally give you AD-Recon for all of the goal community with passwords.”
Whereas Toyota hasn’t shared the date of the breach, BleepingComputer discovered that the information had been stolen or no less than created on December 25, 2022. This date might point out that the menace actor gained entry to a backup server the place the information was saved.
Final yr, Toyota subsidiary Toyota Monetary Companies (TFS) warned prospects in December that their delicate private and monetary knowledge was uncovered in a data breach ensuing from a Medusa ransomware assault that impacted the Japanese automaker’s European and African divisions in November.
Months earlier, in Could, Toyota disclosed one other data breach and revealed that the car-location data of two,150,000 prospects was uncovered for ten years, between November 6, 2013, and April 17, 2023, due to a database misconfiguration within the firm’s cloud atmosphere.
Weeks later, it discovered two extra misconfigured cloud companies leaking Toyota prospects’ private data for over seven years.
Following these two incidents, Toyota stated it applied an automatic system to observe cloud configurations and database settings in all its environments to stop such leaks sooner or later.
A number of Toyota and Lexus gross sales subsidiaries have been additionally breached in 2019 when attackers stole and leaked what the corporate described on the time as “as much as 3.1 million gadgets of buyer data.”
Replace August 20, 17:09 EDT: Revised article and title primarily based on new data Toyota Motor North America supplied.
