Toyota Kirloskar suffers cyberattack that might have leaked customers' data
Toyota Kirloskar Motor (TKM) reported on Sunday that it was the victim of a cyberattack. The company is yet to confirm the extent of the data breach. It is believed that the attack targeted the personal information of customers. If true, this is the latest in the line of cyberattacks that exposed the personal details of customers.
Why does this story matter?
For Toyota's Indian customers, the new year has begun with news for worry - a cyberattack that possibly resulted in leaking customer data. With the increase in data breaches targeting public and private enterprises lately, it is hardly surprising anymore. However, this poses a serious question - are companies failing at their task to protect customer data as custodians?
The company hasn't provided details about the extent of breach
TKM was notified by one of its service providers about the data breach, the company said in a statement. It added that the incident "might have exposed the personal information of some of TKM's customers on the internet." The automaker, however, has not provided any information regarding how many customers were impacted by the breach or what data was exposed.
CERT-In has been notified about the data breach
TKM said in its statement that it informed CERT-In (Indian Computer Emergency Response Team) about the breach. "Considering this incident, TKM will work with its service provider to further enhance the existing extensive guidelines being followed and is fully committed to avoid any kind of inconvenience to our esteemed customers," the company said. It issued an apology to customers for "any concern caused."
Toyota had accidentally exposed the data of customers earlier
In October last year, Toyota revealed that it accidentally exposed a credential that allowed access to customer data in a public GitHub repository from December 2017 to September 2022. The email addresses and customer management numbers of at least 300,000 customers were leaked as a result of the incident. The leaked data belonged to customers who subscribed to T-Connect.
