Toyota suffers massive breach, 240GB of data leaked online
Toyota has confirmed a significant data breach, following the online leak of an archive containing 240GB of stolen data from the company's systems. The leaked information was discovered on a hacking forum by ZeroSevenGroup, a known threat actor. In response to this incident, Toyota stated to BleepingComputer that it is "aware of the situation," but clarified that "the issue is limited in scope and is not a system-wide issue."
Toyota in talks with affected parties post breach
Toyota has not yet disclosed when it first detected the breach, or how the attacker managed to infiltrate its systems. The Japanese automaker is currently communicating with those affected by this incident and has pledged to offer assistance if necessary. However, it remains unclear how many individuals had their data compromised in this security breach.
Hackers claim to have breached US branch
ZeroSevenGroup, the threat actor responsible for the data leak, claims to have infiltrated a US branch of Toyota. The group alleges that it was able to extract 240GB of files containing information about Toyota's employees and customers, contracts, and financial data. Additionally, they assert that they gathered network infrastructure details including credentials using ADRecon - an open-source tool designed for extracting large amounts of information from Active Directory environments.
Breach follows previous data leaks at Toyota
This latest breach follows a series of data leaks at Toyota. In December last year, the company's subsidiary, Toyota Financial Services (TFS), warned customers about a potential exposure of their sensitive personal and financial information due to a Medusa ransomware attack. Earlier in May, another data breach resulted in the exposure of car-location information for over two million customers for a decade due to cloud database misconfiguration.
Toyota's measures to prevent future data leaks
In response to these incidents, Toyota has implemented an automated system to monitor cloud configurations and database settings across all its environments. This measure is aimed at preventing similar data leaks in the future. Despite these efforts, the recent breach indicates that challenges remain in securing customer and employee information within large organizations like Toyota.