AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Toyota: prolonged data exposure due to cloud configuration glitch

Automobile giant conducts thorough security checks after years-long customer data breach impacts both domestic and international clients

This pill is also available in Italian language

Renowned Japanese automobile manufacturer Toyota revealed this week that a glitch in its cloud configuration has resulted in a multi-year exposure of its customer data. The security flaw affected environments managed by Toyota Connected Corporation (TC), encompassing a wide range of information including vehicle-related data of domestic clients and personal data of international customers.

Investigation and cause of data breach

Toyota attributed this breach to inadequate distribution and enforcement of data handling regulations. In an effort to ensure the protection of data, the company is conducting thorough checks on all environments. The data under threat included the in-car device ID, updates on map data, and map data creation dates for an estimated 260,000 customers in Japan. The exposure was reported to occur between February 2015 and May 2023.

Affected customer services and potential overseas impact

The data breach primarily affected customers using Toyota's services such as G-Book mX or G-Book mX Pro compatible navigation systems, and those who subscribed to G-Link or G-Link Lite and renewed their service between February 2015 and March 2022. Toyota asserted that this data is typically deleted from the cloud within a short period post-distribution, and is not stored or amassed during the aforementioned period. Additionally, the improperly configured environments contained records relating to maintenance by overseas dealers, potentially exposing personal data, including names, addresses, contact details, customer IDs, VINs, and vehicle registration numbers from October 2016 to May 2023. The affected customers were primarily located in certain Asian and Oceanic nations.

Toyota's response and previous data incidents

Toyota is currently notifying all the affected individuals, though the total number of impacted customers remains undisclosed. The automobile giant stated it has not found any evidence of the compromised data being exploited or offered on the internet. This incident closely follows another disclosure made by the company weeks prior, where it confessed to exposing data linked to over two million vehicles in Japan across a span of more than a decade.

Follow us on Twitter for more pills like this

06/01/2023 14:56

Editorial AI

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat