Toyota confirmed that its community was breached after a menace actor leaked an archive of 240GB of information stolen from the corporate’s methods on a hacking discussion board.
“We’re conscious of the scenario. The problem is restricted in scope and isn’t a system vast situation,” Toyota advised BleepingComputer when requested to validate the menace actor’s claims.
The corporate added that it is “engaged with those that are impacted and can present help if wanted,” however has but to supply info on when it found the breach, how the attacker gained entry, and the way many individuals had their knowledge uncovered within the incident.
ZeroSevenGroup (the menace actor who leaked the stolen knowledge) says they breached a U.S. department and had been capable of steal 240GB of recordsdata with info on Toyota staff and clients, in addition to contracts and monetary info,
Additionally they declare to have collected community infrastructure info, together with credentials, utilizing the open-source ADRecon software that helps extract huge quantities of data from Lively Listing environments.
“We’ve hacked a department in United States to one of many greatest automotive producer on this planet (TOYOTA). We’re actually glad to share the recordsdata with you right here without cost. The information dimension: 240 GB,” the menace actor claims.
“Contents: Every thing like Contacts, Finance, Clients, Schemes, Workers, Photographs, DBs, Community infrastructure, Emails, and loads of good knowledge. We additionally give you AD-Recon for all of the goal community with passwords.”
Whereas Toyota hasn’t shared the date of the breach, BleepingComputer discovered that the recordsdata had been stolen or not less than created on December 25, 2022. This date may point out that the menace actor gained entry to a backup server the place the info was saved.
Final 12 months, Toyota subsidiary Toyota Monetary Companies (TFS) warned clients in December that their delicate private and monetary knowledge was uncovered in a knowledge breach ensuing from a Medusa ransomware assault that impacted the Japanese automaker’s European and African divisions in November.
Months earlier, in Might, Toyota disclosed one other knowledge breach and revealed that the car-location info of two,150,000 clients was uncovered for ten years, between November 6, 2013, and April 17, 2023, due to a database misconfiguration within the firm’s cloud setting.
Weeks later, it discovered two further misconfigured cloud providers leaking Toyota clients’ private info for over seven years.
Following these two incidents, Toyota mentioned it applied an automatic system to observe cloud configurations and database settings in all its environments to stop such leaks sooner or later.
A number of Toyota and Lexus gross sales subsidiaries had been additionally breached in 2019 when attackers stole and leaked what the corporate described on the time as “as much as 3.1 million objects of buyer info.”