Toyota confirmed that buyer knowledge was uncovered in a third-party knowledge breach after a menace actor leaked an archive of 240GB of stolen knowledge on a hacking discussion board.
“We are aware of the situation. The issue is limited in scope and is not a system wide issue,” Toyota instructed BleepingComputer when requested to validate the menace actor’s claims.
The corporate added that it is “engaged with those who are impacted and will provide assistance if needed,” however has but to supply info on when it found the breach, how the attacker gained entry, and the way many individuals had their knowledge uncovered within the incident.
Someday later, a spokesperson clarified in a brand new assertion shared with BleepingComputer that Toyota Motor North America’s techniques have been “not breached or compromised,” and the information was stolen from what seems to be “a third-party entity that is misrepresented as Toyota.”
When requested to share the identify of the breached third-party entity, the spokesperson stated that Toyota Motor North America was “not at liberty to disclose” that info.
Worker and buyer knowledge uncovered
ZeroSevenGroup (the menace actor who leaked the stolen knowledge) says they breached a U.S. department and have been capable of steal 240GB of recordsdata with info on Toyota staff and clients, in addition to contracts and monetary info,
In addition they declare to have collected community infrastructure info, together with credentials, utilizing the open-source ADRecon software that helps extract huge quantities of knowledge from Energetic Listing environments.
“We have hacked a branch in United States to one of the biggest automotive manufacturer in the world (TOYOTA). We are really glad to share the files with you here for free. The data size: 240 GB,” the menace actor claims.
“Contents: Everything like Contacts, Finance, Customers, Schemes, Employees, Photos, DBs, Network infrastructure, Emails, and a lot of perfect data. We also offer you AD-Recon for all the target network with passwords.”
Whereas Toyota hasn’t shared the date of the breach, BleepingComputer discovered that the recordsdata had been stolen or not less than created on December 25, 2022. This date might point out that the menace actor gained entry to a backup server the place the information was saved.
​Final 12 months, Toyota subsidiary Toyota Monetary Providers (TFS) warned clients in December that their delicate private and monetary knowledge was uncovered in an information breach ensuing from a Medusa ransomware assault that impacted the Japanese automaker’s European and African divisions in November.
Months earlier, in Might, Toyota disclosed one other knowledge breach and revealed that the car-location info of two,150,000 clients was uncovered for ten years, between November 6, 2013, and April 17, 2023, due to a database misconfiguration within the firm’s cloud surroundings.
Weeks later, it discovered two extra misconfigured cloud companies leaking Toyota clients’ private info for over seven years.
Following these two incidents, Toyota stated it carried out an automatic system to watch cloud configurations and database settings in all its environments to forestall such leaks sooner or later.
A number of Toyota and Lexus gross sales subsidiaries have been additionally breached in 2019 when attackers stole and leaked what the corporate described on the time as “up to 3.1 million items of customer information.”
Replace August 20, 17:09Â EDT: Revised article and title based mostly on new info Toyota Motor North America offered.
