Toyota Data Breach Steers Financial Info And Personal Details Into Hands Of Hackers
In a post to the Toyota website, the auto manufacturer reports that it had detected “unauthorized activity on systems at a limited number of locations, including Toyota Kreditbank GmbH in Germany” in November. Toyota explains that, with this attack, the threat actor managed to access personal data, causing systems to be locked down by the security folks at Toyota. As of the beginning of December, though, systems at Toyota Kreditbank GmbH were being brought back online incrementally.
The attack may have been carried out by the extortion group Medusa that has since published the compromised data to its site. The screenshots shown there indicate that not only personal financial information was compromised, but also internal information such as username and password combinations for development and production IT infrastructure. German outlet Heise also reports that, according to notices sent to customers, the personal data includes surname, first name, address, International Bank Account Number (IBAN), and other “contract information.”
Regardless of exactly what information was compromised, this is a significant breach that is now in the public domain. The threat actors, who purportedly demanded $8m from Toyota, didn't get their payday and subsequently published the data. Now it's up for anyone to download, so take the necessary steps to secure your personal information if you may have been affected.