Toyota has acknowledged that it reportedly suffered a massive data breach in which the threat actor leaked an archive of 240GB of data stolen from the company’s systems on a hacking forum.
The huge trove of data, which was leaked by a well-known hacker, ZeroSevenGroup, claims that they have breached a U.S. branch and stolen 240GB worth of data on Toyota employees and customers, including personal and professional contact information, customer profiles, financial details, contracts, business plans, and more.
Additionally, they claim that they even collected network infrastructure details, including credentials, using ADRecon.
This open-source tool gathers information about Active Directory and generates a report that offers a holistic picture of the current state of the target AD environment.
“We have hacked a branch in United States to one of the biggest automotive manufacturer in the world (TOYOTA). We are really glad to share the files with you here for free. The data size: 240 GB,” the threat actor claims.
“Contents: Everything like Contacts, Finance, Customers, Schemes, Employees, Photos, DBs, Network infrastructure, Emails, and a lot of perfect data. We also offer you AD-Recon for all the target network with passwords.”
When BleepingComputer contacted Toyota to validate the threat actor’s claims, the Japanese automaker responded, “We are aware of the situation. The issue is limited in scope and is not a system wide issue.โ
The company further added that it’s “engaged with those who are impacted and will provide assistance if needed.” However, it did not provide information on when it first detected the breach, or how the attacker managed to gain access to its computer systems, and how many people were exposed in the data breach.
While Toyota did not disclose the date of the breach, BleepingComputer discovered that the files had been stolen or at least created on December 25, 2022, which means that the attacker had access to the backup server where the data was kept.
This is not the first time that Toyota has suffered a data breach.
In December 2023, Toyota Financial Services (TFS), a financial subsidiary of the popular automaker Toyota Motor Corporation, warned its customers of a data breach that had exposed their personal details, including bank account information, in the attack.
The data breach was a result of a Medusa ransomware attack on some of TFSโs systems in Europe and Africa in November last year.