Toyota confirmed its network was breached by a hacker who stole roughly 240GB of data from the company’s systems.
The automaker said it has contacted those impacted by the breach. However, the company hasn’t released any information on the attack, such as when it was discovered, who the thief is, and how many customers’ data was exposed.
Toyota said it is “aware” of the situation. “The issue is limited in scope and is not a system-wide issue,” the company added.
ZeroSevenGroup is reported to have stole Toyota’s information, and said the data contains details of Toyota employees, customers, contracts, and financial information.
“We have hacked a branch in United States to one of the biggest automotive manufacturer in the world (TOYOTA),” the threat actor reportedly claimed. “We are really glad to share the files with you here for free. The data size: 240 GB.”
The group also claimed to have collected network infrastructure information using an open source ADRecon tool.
“There is evidence in this breach that the threat actors targeted the company’s Active Directory, using a scraping tool to elevate their privileges, gather further credentials and information about the network with the goal to extract vast amounts of data,” said Guido Grillenmeier, principal technologist at Semperis, in an emailed statement to Dark Reading. “It doesn’t surprise me that the attackers breached one of Toyota’s US dealerships given how vast their footprint is with more than 1,500 locations in the US and 200 global distributors.”
Toyota did not reply to a Dark Reading request for comment.
About Author
