The week closes with the news of a data breach suffered by Toyota Motor Corporation (TMC) sales subsidiary and its affiliates that exposed personal information belonging to millions of customers in Japan.
The company confirmed that eight Toyota and Lexus sales firms were affected by the incident, the hack hit Toyota Sales Holdings Inc., a subsidiary of Toyota Motor in Japan, and its affiliates.
An investigation into the incident is ongoing, but the car vendor said unauthorized access had been detected on March 21 on a server containing data belonging to 3.1 million customers.
Exposed records included names, addresses, dates of birth, occupation and other information, the good news is that no financial data was exposed in the incident.
The car manufacturer pointed out that there is no evidence that hackers have stolen the data.
“Additionally, three other independent dealers in Japan are possibly involved. Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” the company said in a statement.
“Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” reads a statement sent by TMNA via email.
The company revealed that unauthorized access had also been detected at subsidiaries in Thailand and Vietnam on March 19.
This is the second time Toyota has disclosed a data breach this year, on February 21, 2019, Toyota Australia reported a security breach. At the time, the company said that the security breach didn’t impact user or customer data, but the attack caused disruptions to IT systems.
Some experts argued the attack against Toyota Australia was carried out by the Vietnamese APT32 group.
(SecurityAffairs – data breach, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.