Toyota data breach affects up to 3.1 million customers

The breach, which affected Toyota Tokyo Sales Holding Inc. and its affiliated enterprises, was the second high-profile cybersecurity incident at Toyota in as many months.
Toyota data breach
Toyota has been a victim of numerous cyberattacks in recent weeks. (Pixabay)

Automotive maker Toyota said Friday that a data breach had hit its sales offices in Japan, exposing information on up to 3.1 million customers.

The breach affected Toyota Tokyo Sales Holding Inc. and its affiliated enterprises, and possibly three other independent dealers in Japan, according to Toyota Motor Corp.’s statement, which described “unauthorized access” to the company’s network.

“We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group,” the statement said.

It was the second cybersecurity incident affecting Toyota in as many months. In February, Toyota’s Australia branch announced it had been “the victim of an attempted cyberattack.”


The company’s security woes come in the wake of reports that a Vietnamese hacking group, APT32, had last month launched a spearphishing campaign against multinational car companies. The Southeast Asian country is trying to develop its domestic car industry, and data stolen by APT32 could help with that.

Toyota has not commented on whether the breach to its sales offices was the work of APT32.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts