Hackers steal data from 300,000 Toyota customers

Hackers are likely to have stolen the data of nearly 300,000 customers of Japanese car giant Toyota. The group announced this on Friday in the city of Toyota. “We’ve determined that 296,019 customer email addresses and associated administrative numbers may have been hacked,” a press release said. Accordingly, drivers using the Toyota online service T-Connect will be affected.

The Japan-based company said there was no possibility that other data such as names, phone numbers, credit cards or other information had been leaked. Nevertheless, experts rate such incidents as serious, as the basic information captured can be used to carry out more dangerous phishing attacks on those affected.

Swiss customers are not affected.

The latest incident is in a series of data breaches and cybersecurity incidents at the Japanese company and its suppliers. In March 2019, the data of 3.1 million customers fell into the hands of hackers. In February, Toyota had to temporarily shut down production facilities after a supplier was hit by a cyber attack.

In the current case, the weak point apparently also lay with a supplier. He put some of the T-Connect code on the Github platform and accidentally made the code available to the public in December 2017. “The published source code contained an access key to the data server, which allowed access to email addresses and customer management numbers.” (cpf/sda/awp/dpa)