Transportation

Toyota data breach affects up to 3.1 million customers

The breach, which affected Toyota Tokyo Sales Holding Inc. and its affiliated enterprises, was the second high-profile cybersecurity incident at Toyota in as many months.

By Sean Lyngaas

March 30, 2019

Toyota has been a victim of numerous cyberattacks in recent weeks. (Pixabay)

Automotive maker Toyota said Friday that a data breach had hit its sales offices in Japan, exposing information on up to 3.1 million customers.

The breach affected Toyota Tokyo Sales Holding Inc. and its affiliated enterprises, and possibly three other independent dealers in Japan, according to Toyota Motor Corp.’s statement, which described “unauthorized access” to the company’s network.

“We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group,” the statement said.

It was the second cybersecurity incident affecting Toyota in as many months. In February, Toyota’s Australia branch announced it had been “the victim of an attempted cyberattack.”

The company’s security woes come in the wake of reports that a Vietnamese hacking group, APT32, had last month launched a spearphishing campaign against multinational car companies. The Southeast Asian country is trying to develop its domestic car industry, and data stolen by APT32 could help with that.

Toyota has not commented on whether the breach to its sales offices was the work of APT32.