Toyota Runs Into Another Security Breach With Hackers Leaking 240GB Of Stolen Data
The Japanese automaker confirmed that a malicious actor breached its network and leaked 240GB of stolen data on a hacking forum. Toyota said in a statement, "We are aware of the situation. The issue is limited in scope and is not a system wide issue." The company hasn't revealed any further information regarding the matter, such as the number of people whose data was stolen or when or how ZeroSevenGroup hacked its network.
On the other hand, ZeroSevenGroup claims that the data it accessed through a U.S. branch contains information on Toyota employees and customers, contracts, and financial information. Furthermore, the hacker group say that by using the open-source ADRecon tool (that pulls massive amounts of information from Active Directory environments), it was able to steal network infrastructure information as well. When BleepingComputer sieved through the files, it found that the stolen files were dated December 25, 2022, which seems to point to the likelihood that ZeroSevenGroup accessed the data cache through a backup server.
Late last year, we covered how Toyota's Financial Services group had personal details of millions of customers stolen by extortion group Medusa. The group demanded $8 million, which Toyota didn't pay, leading to the data being released into the wild.
Also, last month, CDK Global, the IT service provider for U.S. Toyota auto dealers suffered a cyberattack that disrupted operations for nearly two weeks. The fallout of that attack were varied: some dealerships couldn't pay their employees, while others had to resort to recording sales with the good old paper and pen.
As we mentioned, even though Toyota isn't the only automaker hit by nefarious attacks in the past year, the past 12 months hasn't been kind to the brand beyond the data security realm. It's had to endure production line shut downs, and a recall for over 100,000 Toyota and Lexus vehicles over potential complete engine failure