Toyota has confirmed it suffered a major data breach after hackers posted stolen data on an underground forum – although plenty of details are still missing.
Earlier this week, a threat actor going by the name ZeroSevenGroup posted a new thread on a dark web forum, claiming to have stolen 240GB of sensitive files from the company.
“We have hacked a branch in United States to one of the biggest automotive manufacturer in the world (TOYOTA). We are really glad to share the files with you here for free. The data size: 240 GB,” the group said in the thread. “Contents: Everything like Contacts, Finance, Customers, Schemes, Employees, Photos, DBs, Network infrastructure, Emails, and a lot of perfect data. We also offer you AD-Recon for all the target network with passwords.”
Stealing from the archives
Toyota told BleepingComputer the claims were true, but declined to provide details.
“We are aware of the situation. The issue is limited in scope and is not a system wide issue,” the company said, adding it is “engaged with those who are impacted and will provide assistance if needed.”
Other crucial information, like when the attack happened, when it was discovered, how the crooks accessed the network, or how many people were affected by the breach, is missing. Chances are, Toyota is still investigating the incident and will come back with an update soon.
Trying to uncover some of the information on their own, BleepingComputer’s researchers discovered that the files were stolen, or at least created, on December 25, 2022, indicating that this was possibly a grab of archived data.
Toyota has suffered multiple data incidents in the past, including two in December and May of 2023, and one in October 2022.
More from TechRadar Pro
Services Marketplace – Listings, Bookings & Reviews