Toyota: Car location data of 2 million customers exposed for ten years

Fri, 2 Jun 2023 14:31:34 +1000

Andrew Pam <xanni [at] glasswings.com.au>

Andrew Pam
<https://www.bleepingcomputer.com/news/security/toyota-car-location-data-of-2-million-customers-exposed-for-ten-years/>

'Toyota Motor Corporation disclosed a data breach on its cloud environment that
exposed the car-location information of 2,150,000 customers for ten years,
between November 6, 2013, and April 17, 2023.

According to a security notice published in the company's Japanese newsroom,
the data breach resulted from a database misconfiguration that allowed anyone
to access its contents without a password.

"It was discovered that part of the data that Toyota Motor Corporation
entrusted to Toyota Connected Corporation to manage had been made public due to
misconfiguration of the cloud environment," reads the notice (machine
translated).

"After the discovery of this matter, we have implemented measures to block
access from the outside, but we are continuing to conduct investigations,
including all cloud environments managed by TC. We apologize for causing great
inconvenience and concern to our customers and related parties."'

Via Christoph S.

Cheers,
       *** Xanni ***
--
mailto:xanni@xanadu.net               Andrew Pam
http://xanadu.com.au/                 Chief Scientist, Xanadu
https://glasswings.com.au/            Partner, Glass Wings
https://sericyb.com.au/               Manager, Serious Cybernetics

Comment via email

Home E-Mail Sponsors Index Search About Us