Skip to content

240 GB of Toyota data appears on a hacking forum

  • by
  • 2 min read

Toyota has confirmed yet another breach, this time with a massive 240 GB archive of data leaked on a hacking forum by ZeroSevenGroup. The automaker, a global leader in the automotive industry, acknowledged the breach following the leak, which allegedly originated from one of its U.S. branches.

The breach was first reported after the threat actor claimed responsibility for the attack. The group announced on a hacking forum that they had successfully infiltrated Toyota’s systems and exfiltrated sensitive information, including employee and customer data, contracts, financial records, and network infrastructure details.

This latest incident marks another entry in a growing list of cybersecurity breaches involving Toyota. Although the company insisted that the breach is limited in scope and does not affect its systems globally, the exact extent of the damage remains unclear.

Toyota has refrained from providing detailed information on how the breach occurred, when it was detected, or the total number of individuals whose data may have been compromised.

“We are aware of the situation. The issue is limited in scope and is not a system-wide issue,” Toyota told BleepingComputer.

This is an image of toyota breach 2024
Source: BleepingComputer

However, many questions remain unanswered, particularly concerning the timeline of the breach and the measures Toyota has taken since the data was stolen.

The stolen data is believed to have been gathered using ADRecon, an open-source tool to extract detailed information from Active Directory environments. This raises concerns about the security of Toyota’s network infrastructure, especially because the threat actor claimed to have accessed comprehensive network credentials.

This breach adds to Toyota’s troubling pattern of cybersecurity issues. In May 2023, Toyota’s misconfigured cloud bucket was exposed to unauthorized access to the Internet, exposing the data of more than 2.15 million customers in Japan.

This and subsequent breaches prompted Toyota to implement an automated monitoring system to secure cloud configurations and database settings. However, the recurrence of breaches suggests that these measures may be insufficient to protect against increasingly sophisticated cyber threats.

In the News: Recordscheck.net hosted sensitive NPD information in plain text

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

This is an image of dark web hacker security

Russian pro basketball player arrested on ransomware charges

This is an image of tik tok 39239

Ireland launches fresh investigation into TikTok over data transfer to Chinese servers

Illustration: jmiks | shutterstock

British NCA arrest four for hacking M&S, Co-op, and Harrods

A mcdonald's sign on a pole.

McDonald’s AI bot leaks job applicants’ data

This is an image of dprk north korea flag

US sanctions North Korean hacker for running fraud IT worker scheme

This is an image of ransomware 32988sd

M&S confirms April cyberattack was ransomware

>