On August 16th, hacker ZeroSevenGroup claimed to have infiltrated Toyota's US branch, stealing 240GB of data including employee and customer information, contracts, and financial details. Subsequently, a hacker forum offered the 240GB of data for sale.
Following the incident, on August 19th, the company acknowledged that its network system in the US had been attacked. However, the issue did not affect the entire system – a Toyota representative told Bleeping Computer.
Toyota stated that the company is working with affected parties and will provide support if needed. However, the company did not specify when the system was compromised, how the hackers accessed it, or how many users had their data exposed.
According to analysis by experts from Bleeping Computer, the files being offered for sale were created from December 25, 2022 onwards. However, this date only indicates that the hacker gained access to the server where the data was stored.
Previously, in May 2023, Toyota also admitted to a hack that exposed the location data of 2,150,000 customers. A few weeks later, the company further discovered two misconfigured cloud services that resulted in customer data leaks.
Following a series of incidents, Toyota implemented an automated cloud-based configuration monitoring system and installed a database on internal computers to prevent similar incidents from happening again.
Source: https://kinhtedothi.vn/toyota-bi-tan-cong-mang.html
Comment (0)