Toyota warns customers of data breach exposing personal, financial info

Trending 2 months ago


Toyota Financial Services (TFS) is admonishing barter it suffered a abstracts breach, advertence that acute claimed and banking abstracts was apparent in the attack.

Toyota Financial Services, a accessory of Toyota Motor Corporation, is a all-around article with a attendance in 90% of the markets area Toyota sells its cars, accouterment auto costs to its customers.

Last month, the aggregation accepted that it detected unauthorized access on some of its systems in Europe and Africa, afterward a affirmation from Medusa ransomware about auspiciously compromising the Japanese automaker's division.

The blackmail actors accepted a acquittal of $8,000,000 to annul the baseborn abstracts and gave Toyota 10 canicule to acknowledge to their blackmail.

At the time, a Toyota agent told BleepingComputer that the aggregation had detected crooked acceptance on some of its systems in Europe and Africa. The aggregation took assertive systems offline to accommodate the breach, which impacted chump services.

Presumably, Toyota has not adjourned a bribe acquittal with the cybercriminals, and currently, all abstracts has been leaked on Medusa's extortion aperture on the aphotic web.

Stolen abstracts accessible for download via Medusa's extortion portalStolen abstracts accessible for download via Medusa's extortion portal (BleepingComputer)

Earlier this month, Toyota Kreditbank GmbH in Germany was identified as one of the impacted divisions, acceptance that hackers acquired acceptance to customers' claimed data.

German account outlet Heise received a sample of the notices beatific by Toyota to German customers, allegorical that the afterward abstracts has been compromised:

  • Full name
  • Residence address
  • Contract information
  • Lease-purchase details
  • IBAN (International Bank Account Number)

This blazon of abstracts can be acclimated in phishing, amusing engineering, scams, banking fraud, and alike character annexation attempts.

Notice beatific to impacted customersNotice beatific to impacted customers (Heise)

The notification verifies the aloft abstracts as compromised based on the advancing investigation. However, the centralized analysis isn't complete yet, and there charcoal a achievability that attackers accessed added information.

Toyota promises to promptly amend afflicted barter should the centralized analysis acknowledge added abstracts exposure.

BleepingComputer has contacted Toyota for added information, like the exact cardinal of apparent customers, but we accept not heard aback by advertisement time.