Toyota has confirmed a major data breach after hackers posted stolen information on an underground forum, but many details are still missing.
Earlier this week, a cybercriminal going by the name ZeroSevenGroup posted a new message on a dark web forum, claiming to have stolen 240GB of sensitive files from the company.
“We hacked a US branch of one of the world’s largest automakers (TOYOTA). We are very happy to share the files with you here for free. Data size: 240GB,” the group said in the thread. “Content: Everything like Contacts, Finances, Customers, Schedules, Employees, Photos, DBs, Network Infrastructure, Emails and lots of perfect data. We also provide you AD-Recon for all target networks with passwords.”
Theft from the archives
Toyota said BleepingComputer The claims were true, but no details were given.
“We are aware of the situation. The issue is limited in scope and is not a system-wide problem,” the company said, adding that it “is engaged with those affected and will provide assistance as needed.”
Other crucial information, such as when the attack occurred, when it was discovered, how the bad guys gained access to the network, or how many people were affected by the breach, is missing. It is likely that Toyota is still investigating the incident and will provide an update soon.
In an attempt to find out some information myself, BleepingComputerThe researchers found that the files were stolen, or at least created, on December 25, 2022, suggesting they may have been a loot grab from archived data.
Toyota has had multiple data incidents in the past, including two in December and May 2023 and one in October 2022.