Toyota has confirmed a recent network breach after a threat actor leaked a substantial archive of data on a hacking forum, according to Bleeping Computer. The compromised archive contains 240GB of data stolen from Toyota’s systems, which includes sensitive information on employees, customers, contracts, and financial records.
The threat actor behind the breach, known as ZeroSevenGroup, claims to have accessed a U.S. branch of Toyota and used the open-source ADRecon tool to extract extensive network infrastructure data, including credentials. They have shared the stolen files, which reportedly include everything from contacts and financial information to photos and database contents.
Toyota responded to Bleeping Computer’s inquiry by acknowledging the breach but indicating that it is “limited in scope” and not a system-wide issue. The company has stated that it is working with those impacted and will offer assistance if needed. However, Toyota has not yet disclosed specifics about when the breach was discovered, how the attackers gained access, or the total number of individuals affected.
Bleeping Computer’s investigation revealed that the stolen files were either created or stolen on December 25, 2022, suggesting that the attackers may have accessed a backup server where the data was stored. This breach follows a series of previous incidents involving Toyota’s data security.
In December of the previous year, Toyota Financial Services (TFS) disclosed a data breach affecting customers’ personal and financial data due to a Medusa ransomware attack. This attack impacted Toyota’s European and African divisions. Earlier in 2023, Toyota reported another breach revealing car-location data of 2.15 million customers due to a database misconfiguration in its cloud environment. Additionally, multiple misconfigured cloud services were found leaking personal information for over seven years.
Toyota has since implemented an automated monitoring system for cloud configurations and database settings to prevent future breaches. This latest incident adds to Toyota’s history of data security challenges, including a significant breach in 2019 where up to 3.1 million items of customer information were stolen and leaked.
For ongoing updates and more details on this breach, stay tuned to Bleeping Computer.