Toyota Motor Corporation (TMC) sales subsidiary and its affiliates suffered a data breach that exposed personal information of millions of customers in Japan.
The week closes with the news of a data breach suffered by Toyota Motor Corporation (TMC) sales subsidiary and its affiliates that exposed personal information belonging to millions of customers in Japan.
The company confirmed that eight Toyota and Lexus sales firms were affected by the incident, the hack hit Toyota Sales Holdings Inc., a subsidiary of Toyota Motor in Japan, and its affiliates.
An investigation into the incident is ongoing, but the car vendor said unauthorized access had been detected on March 21 on a server containing data belonging to 3.1 million customers.
Exposed records included names, addresses, dates of birth, occupation and other information, the good news is that no financial data was exposed in the incident.
The car manufacturer pointed out that there is no evidence that hackers have stolen the data.
“Additionally, three other independent dealers in Japan are possibly involved. Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” the company said in a statement.
“Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” reads a statement sent by TMNA via email.
The company revealed that unauthorized access had also been detected at subsidiaries in Thailand and Vietnam on March 19.
This is the second time Toyota has disclosed a data breach this year, on February 21, 2019, Toyota Australia reported a security breach. At the time, the company said that the security breach didn’t impact user or customer data, but the attack caused disruptions to IT systems.
Some experts argued the attack against Toyota Australia was carried out by the Vietnamese APT32 group.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.