Mazda Reports Data Breach After Exploitation of Warehouse Management System
Learn More
Mazda Motor Corporation, a major Japanese automaker, reports a data breach on March 19, 2026, following unauthorized access to a warehouse management system.
The incident, detected in mid-December 2025, was caused by the exploitation of vulnerabilities in a system handling parts procurement from Thailand.
Mazda has not officially named an attacker but the Clop ransomware group previously claimed to have compromised the company's domains in late 2025. The company reported the matter to the Personal Information Protection Commission of Japan and started an investigation.
The investigation confirmed that the breach was limited to this specific management environment. The compromised data includes:
- User IDs issued by Mazda
- Full names of employees and partners
- Corporate email addresses
- Company names
- Business partner identification numbers
The breach affected 692 records belonging to employees of Mazda, its group companies, and its business partners. Mazda claims that no customer personal information was stored on the compromised system.
The company is providing direct support to affected individuals through a dedicated inquiry form and has advised all partners to remain careful of follow-up attacks using the compromised data.
