Toyota pontential data breach - data on more than 2 million vehicles in Japan were at risk for over a decade

Toyota has revealed that a data breach in its much-touted online Connected service has potentially put information on over 2 million vehicles at risk. The breach occurred between January 2012 and April 2023 and solely affects vehicles in Japan, according to Toyota spokesperson. The Connected service offers various features such as maintenance reminders, streaming entertainment, and emergency assistance, including crash notifications and stolen vehicle tracking. As of now, no adverse incidents resulting from the breach have been reported. Update - Toyota informed that the data breach stemmed from human error, leading to a cloud system being set to public instead of private. While there is no evidence of leaked, copied, or misused information, the data at risk includes vehicle identification numbers (separate from license plates), vehicle locations with timestamps, and video footage captured by the vehicles' drive recorders. However, Toyota Motor Corp., the manufacturer of popular models like the Prius hybrid and Lexus luxury vehicles, assures that this information cannot be used to identify individual owners. Approximately 2.15 million people, including users of net services such as G-Link, G-Book, and Connected, have been affected by the breach. Toyota's Connected service in Japan is operated by a subsidiary, and it was recently discovered that external access to such information should have been disabled. Toyota confirmed that the system issue has been rectified, assuring owners of Connect-enabled vehicles that it is safe to continue driving without the need for repairs.