The week closes with the news of a data breach suffered by Toyota Motor Corporation (TMC) sales subsidiary and its affiliates that exposed personal information belonging to millions of customers in Japan.
The company confirmed that eight Toyota and Lexus sales firms were affected by the incident, the hack hit Toyota Sales Holdings Inc., a subsidiary of Toyota Motor in Japan, and its affiliates.
An investigation into the incident is ongoing, but the car vendor said unauthorized access had been detected on March 21 on a server containing data belonging to 3.1 million customers.
Exposed records included names, addresses, dates of birth, occupation and other information, the good news is that no financial data was exposed in the incident.
The car manufacturer pointed out that there is no evidence that hackers have stolen the data.
“Additionally, three other independent dealers in Japan are possibly involved. Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” the company said in a statement.
“Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted,” reads a statement sent by TMNA via email.
The company revealed that unauthorized access had also been detected at subsidiaries in Thailand and Vietnam on March 19.
This is the second time Toyota has disclosed a data breach this year, on February 21, 2019, Toyota Australia reported a security breach. At the time, the company said that the security breach didn’t impact user or customer data, but the attack caused disruptions to IT systems.
Some experts argued the attack against Toyota Australia was carried out by the Vietnamese APT32 group.
(SecurityAffairs – data breach, hacking)