On August 16, hacker ZeroSevenGroup announced that it had infiltrated Toyota's US branch, stealing 240GB of employee and customer information, as well as contracts and financial information. A hacker forum later put up the 240GB of data for sale.
After the incident, on August 19, the company admitted that its network system in the US had been attacked. However, the problem did not affect the entire system - a Toyota representative shared with Bleeping Computer.
Toyota said it is working with those affected and will provide assistance as needed. However, it did not provide details on when the system was compromised, how the hackers accessed it, or how many users had their data exposed.
According to analysis by experts from Bleeping Computer, the files that were sold were created from December 25, 2022 onwards. However, this date only shows that the hackers had access to the server where the data was stored.
Previously, in May 2023, Toyota also admitted to an attack that exposed vehicle location data of 2,150,000 customers. A few weeks later, the company continued to discover two misconfigured cloud services that leaked customer information.
After a series of incidents, Toyota implemented an automated cloud configuration monitoring system and installed a database for internal computers to prevent similar incidents.
Source: https://kinhtedothi.vn/toyota-bi-tan-cong-mang.html
Comment (0)