Toyota confirms data breach as stolen data is published on hacking forum
Learn More
Toyota has confirmed a data breach following the leak of 240 GB of sensitive information on a hacking forum by the threat actor known as ZeroSevenGroup.
The breach reportedly occurred at a U.S. branch of Toyota, where the attackers claim to have accessed and stolen the data using the ADRecon tool, which extracts detailed information from Active Directory environments. The stolen data appears to have been taken or at least created on December 25, 2022, indicating that the attackers might have accessed a backup server. Toyota has not disclosed when the breach was first discovered or how it occurred.
The leaked data includes a wide array of information, such as:
- Personal and professional contact details
- Financial records
- Customer profiles
- Business plans
- Employee information
- Network infrastructure details
- Emails
The number of affected individuals is not disclosed. The company did confirm that the breach is limited in scope and that they are working with those affected to provide assistance.
This breach is not Toyota’s first recent security incident. In November 2023, Toyota Financial Services warned customers about exposed data following a Medusa ransomware attack targeting its European and African divisions. Earlier in May 2023, Toyota disclosed a decade-long data exposure affecting 2.15 million customers due to a misconfigured database and a separate leak of Toyota Oceania.
