Toyota discloses customer data breach

Share post:

Toyota has disclosed that customer information from Japan and other countries in Asia and Oceania was publicly available due to two incidents.

Toyota undertook a rigorous evaluation of its cloud settings following a prior incident in which information on over 2 million automobiles in Japan was exposed. It then discovered another instance affecting around 260,000 clients.

This breach revealed in-vehicle device identifying numbers and map data from the cars’ navigation terminals. The exposed data did not indicate the location of the cars or identify specific customers, but it could still be used to get access to the vehicles.

One breach was caused by a misconfiguration in Toyota Connected Corporation’s cloud infrastructure. Customers’ names, addresses, phone numbers, and car information were among the information revealed. From October 2016 until May 2023, the information was available to the public.

Customers who used their G-BOOK service with compatible navigation systems, as well as those customers who renewed their Maps on Demand subscription, were also impacted by the second incident. It was linked to a prior hack using G-Link technology, which was utilized in Lexus automobiles. The services in question were used between February 9, 2015, and May 12, 2022.

Toyota stated that it will notify affected customers through email and set up a call center to address any questions or concerns.

The sources for this piece include an article in TheRecord.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways