Data leak among Toyota customers and employees confirmed

Toyota confirmed that its network attacked by a hacker who stole around 240 GB of data from the company's systems.

The automaker said it has contacted those affected. However, the company has not released any information about the attack, such as when it was discovered, who the thief is and how much customer data was exposed.

Toyota said it was “aware of the situation”“The issue is limited in scope and not a system-wide problem,” the company added.

ZeroSevenGroup reportedly stole information from Toyota, saying the data included details of Toyota employees, customers, contracts and financial information.

“We have hacked a branch of one of the largest car manufacturers in the world (TOYOTA) in the USA,” the attacker claimed. “We are very happy to share the files with you here for free. The data size is 240 GB.”

The group also claimed to have collected information about the network infrastructure using the open source tool ADRecon.

“There is evidence that the attackers targeted the company's Active Directory. They used a scraping tool to elevate their privileges and collect further credentials and information across the network, with the goal of extracting massive amounts of data,” said Guido Grillenmeier, senior technologist at Semperis, in an email to Dark Reading. “It doesn't surprise me that the attackers penetrated one of Toyota's U.S. dealerships, considering how large their sphere of influence is with more than 1,500 locations in the U.S. and 200 global distribution partners.”

Toyota did not respond to Dark Reading's request for comment.