Toyota hacked, 240 GB of data stolen

"We are aware of the situation. The issue is limited in scope and does not have a system-wide impact," a Toyota representative told Reuters.Bleeping ComputerAugust 19

The Japanese automaker also said it was “working with those affected and will provide assistance as needed.” However, it did not provide details on how long the system was compromised, how the hackers gained access, or how many users had their data exposed in the incident.

Previously, on August 16, a hacker named ZeroSevenGroup announced that he had infiltrated a Toyota branch in the US, stealing 240 GB of data containing information about employees and customers, contracts and financial information. This person also said that he had information about the network infrastructure by using the open source tool ADRecon and extracting a large amount of information from the Active Directory environment.

According to the analysis based on the downloaded file, the expert ofBleeping ComputerThe files for sale were found to have been created on or after December 25, 2022. However, this date may simply indicate that the hackers had access to the backup server where the data was stored.

Last December, subsidiary Toyota Financial Services (TFS) also sent out a warning to customers that “sensitive” personal and financial data had been exposed in a Medusa ransomware attack. TFS said the hack affected branches in Europe and Africa.

In May 2023, Toyota admitted to another attack that exposed vehicle location data for 2,150,000 customers between November 6, 2013 and April 17, 2023. A few weeks later, the company discovered two misconfigured cloud services that exposed customers’ personal information stored for more than seven years.

Following the series of incidents, Toyota said it has deployed an automated system to monitor cloud configurations and install a database for all internal computers to prevent similar leaks.