Toyota faced a significant breach in their network recently, as confirmed by the company itself. The breach was orchestrated by a hacker who managed to steal around 240GB of data from Toyota’s systems. This breach has put the data of thousands of customers at risk.
Although Toyota has reached out to those affected by the breach, the company has not disclosed crucial information regarding the attack. Details such as the time of discovery, the identity of the hacker, and the exact number of customers impacted have not been made public.
The automaker stated that they are “aware” of the situation and emphasized that the issue is contained and not widespread across their systems. However, ZeroSevenGroup, the threat actor behind the breach, claimed to have accessed data including information on Toyota employees, customers, contracts, and financial records.
The group responsible for the breach bragged about their feat, stating, “We have hacked a branch in the United States to one of the biggest automotive manufacturers in the world (TOYOTA). We are really glad to share the files with you here for free. The data size: 240 GB.” This statement underscores the severity of the breach and the potential ramifications for Toyota and its customers.
Furthermore, ZeroSevenGroup asserted that they leveraged an open-source tool called ADRecon to gather network infrastructure information. This tactic allowed them to target Toyota’s Active Directory, escalate their privileges, obtain additional credentials, and harvest vast amounts of data. Guido Grillenmeier, a principal technologist at Semperis, noted, “It doesn’t surprise me that the attackers breached one of Toyota’s US dealerships given how vast their footprint is with more than 1,500 locations in the US and 200 global distributors.”
While Toyota has acknowledged the breach, the company has not responded to requests for comments from Dark Reading. The lack of transparency from Toyota raises concerns about the extent of the breach and the potential impact on their customers. Moving forward, Toyota will need to address the security vulnerabilities in their network to prevent future breaches and safeguard the sensitive information of their customers.