Toyota and Lexus Dealerships Hacked, Millions Left Vulnerable

Toyota and Lexus Dealerships Hacked, Millions Left Vulnerable

Toyota's servers in Japan have been hacked, leaving the data of millions left vulnerable.

Toyota has confirmed that as many as 3.1 million items of Toyota and Lexus customer data may have been breached following an attack on dealerships in Japan.

The company says that "information that may have been leaked this time does not include information on credit cards," but customers are already on edge following the cyber-attack that hit Toyota Australia in February. 

Notification about the breach was published in the company newsroom last week. The statement said that there was "unauthorized access on the network" of a number of dealerships in the Tokyo area of Japan on March 21. Up to 3.1 million pieces of customer data, stored on a server connected to that network, may have been compromised as a result. 

While Toyota insists that credit card data was not leaked, they did mention that names, birth dates and employer information might have been accessed.

"Toyota has leaked names, birth dates and employment information, which can easily become a basis for identity theft," Dan Tuchler, CMO at SecurityFirst said. "But as cars continue to incorporate in-car wifi, voice-based assistants, and automated driver assist, there will be a much larger digital footprint stored on a car maker's servers. Who knows what kind of data will be stored, or what hackers can do with it."

Cyber security analysts are not sure if the breach in Australia and Japan are linked, but Toyota has already said they will begin an investigation into the matter. 

"There's more to learn after this initial disclosure," Tim Erlin, VP, product management and strategy at Tripwire said. "Toyota will continue their investigation, no doubt, but whether further information is actually shared with consumers and the public remains to be seen."


About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.