Several Toyota companies have announced that they might have suffered data breach attempts, with one affecting 3.1 million Toyota and Lexus customers.
In a brief account describing the most significant of these, the Japanese parent company said that on 21 March attackers gained “unauthorized access on the network” which led them to customer data belonging to eight sales subsidiaries in the country.
Toyota said it is still investigating what data might have been breached, or even whether any data has been breached:
We have not confirmed the fact that customer information has been leaked at this time, but we will continue to conduct detailed surveys, placing top priority on customer safety and security.
So far, it has at least managed to establish that…
…The information that may have been leaked this time does not include information on credit cards.
Clearly, the company isn’t taking any chances and has decided to tell its customers something now rather than sitting on bad news.
Normally a data breach affecting Japanese Toyota subsidiaries wouldn’t get that much attention if it weren’t for the fact that it fits a larger pattern of attacks against the company.
Toyota Motor Vietnam has come to be aware of a possibility that the company was targeted by a cyberattack and that some of its customer data may have been potentially accessed.
These statements echo the uncertainty of the Japanese announcement about what, if anything, the attackers were able to access.
In February, meanwhile, Toyota Australia said it had been targeted by attackers in an “attempted” cyberattack that was not successful in stealing data despite disrupting parts delivery and some other systems.
At least one security analysis has connected these attacks to a single entity, dubbed APT32 (OceanLotus Group), the latest in a line of highly targeted incidents against automotive industries and other sectors dating back to 2013.