Toyota suffers third consecutive data breach within a few weeks.
World famous Japanese automobile maker Toyota has become the target of a third data breach only within two months’ time. In the latest data breach, it is reported that the company lost data of 3.1 million customers. Previously, Toyota Australia was targeted by cybercriminals and later the company’s main officers in Vietnam were also targeted.
In the latest attack, cybercriminals managed to breach Toyota’s IT systems and obtained exclusive details about many of Toyota’s sales subsidiaries including Toyota Tokyo Sales Holdings, Tokyo Toyopet, Nets Toyota Tokyo, Tokyo Motor, Lexus Nerima, Lexus Koishikawa, Toyota West Tokyo Corolla, and Toyota Tokyo Corolla.
According to reports, a Vietnam-based cyber espionage group known as called APT32 or OceanLotus is responsible for the attacks on Toyota.
Vietnamese cyber espionage trackers:
Check the 🆕 @riskybusiness podcast 🎙️ episode (534). A chat with a Toyota Australia dealership employee leads to a reexamination of the impacts & motives of their recent breach.
I agree that #APT32 🇻🇳 is targeting auto industry…
— Nick Carr (@ItsReallyNick) March 14, 2019
Toyota maintains that financial information hasn’t been stolen from its servers but private information including names, email IDs, and addresses could have been accessed. The company claims that they are taking this incident very seriously and will be implementing stringent security measures encompassing dealers and the Toyota group. The automobile maker is currently trying to determine the number of affected customers.
Cybersecurity experts are naturally worried about the number of breaches that a high profile company like Toyota has suffered within a few weeks. According to Anurag Kahol, Bitglass’s CTO:
“For a company that has suffered two significant data breaches in five weeks, Toyota must take swift and effective action not only to strengthen its security, but also to try and restore the trust of its customers. The company’s initial statement after the second data breach pledging to ‘thoroughly implement information security measures’ is not encouraging.”
Kahol also stated that since the nature and extent of threats are continuously expanding and so are the regulations, large-scale multinational firms serve as a potential target for attackers.
“The simple fact that a second data breach occurred raises questions about which kinds of security measures, if any, the company has implemented thus far. A global enterprise like Toyota must leverage advanced security solutions appropriate for its massive scale and complex IT infrastructure,” Kahol added.
Reportedly, the hacker obtained access to Toyota and Lexus sales subsidiaries servers and credit card information is also part of the stolen data, but Toyota so far hasn’t confirmed data breach of financial data as mentioned above and it hasn’t also been exfiltrated so far. Kahol believes that it is a matter of concern that hacker was able to access private information from the company’s sales records.
“Additionally, it must make the shift to a more proactive approach to security. Waiting to take action until multiple breaches occurred is simply not acceptable,” said Mackey.
This is the statement Toyota Group posted on its global web page:
“We apologize to everyone who has been using Toyota and Lexus vehicles for the great concern. We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group.”