Toyota mishandled user data by publishing over 2 million user info online


Toyota

Toyota Motor announced a cybersecurity issue which involves its subsidiary, Toyota Connected. In error, the company mistakenly published the personal information of about 2.15 million users online. Toyota said in a statement that the breach of user data was caused by a setup error in the cloud service. The leaked content includes vehicle serial numbers and location data. Toyota responds that the data was used for internal admin purposes and would not be traced to the user. 

Toyota electric vehicles

From the reports so far, the data breach covers orders for Toyota T – Connect, G – Link, G – Link Lite and G – Link from Jan. 2, 2012, to April 17, 2023. This includes about 2.15 million users of the BOOK telematics service. Also affected is dash cam footage uploaded to the cloud using an enterprise service provided by Toyota Connect. One weird part of the data leak is that it was available online for years. The report from Reuters claims that the data was available to the public from Nov. 14, 2016, to April 4, 2023.

Toyota has already taken action as the company says that all data are no longer online. Also, the company reveals that there is no evidence that any data was used illegally. There are huge consequences for such data leaks. Nobody wants their personal data to be public, that’s why it is called “personal data” in the first place. Such data increases the risk of identity theft, fraud and could even cause harm to the owner.

Leaked Data were all from Japan

According to Reuters, the car data from the recent Toyota leak were all from Japan. This data are from almost all users that have had an active account with the company’s cloud service since 2012. For over a decade, some of this data has been available online. Others have been online for less than a decade. In addition to regular Toyota cars, the leak also affects users of its luxury brand Lexus. A spokesperson for Toyota said

“There was a lack of active detection mechanisms, and activities to detect the presence or absence of things that became public,”

Toyota electric vehicles

Moving forward, the company claims to work on a system to check its cloud settings. Toyota also claims to monitor its settings from time to time (often) and teach staff how to handle users’ data. There are also reports that the Personal Information Protection Commission is aware of the issue. However, there is no official comment because it does not comment on single issues.

From time to time, we hear reports of user data breaches in Japan just as it is in other parts of the world. Mobile service provider NTT DoCoMo (9432.T) stated in March that data of up to 5.29 million users may have been hacked by a company to which it had outsourced services.

This event is only one of several issues facing Koji Sato, who replaced Akio Toyoda, the grandson of the company’s founder, as Toyota CEO on April 1. Since he took office, Toyota has faced issues with its affiliate Daihatsu’s safety testing and received a shareholder petition from three European fund managers.

Gizchina News of the week


History of User Data Breach Involving Toyota

For Toyota users who may be afraid that their personal data is online, there is no need to be. Toyota has faced similar data breaches in the past and the company was able to tackle the situation. Below are some of the major data leaks that Toyota has faced and handled pretty well in the recent past.

Toyota electric vehicles

2019 Data Breach

In 2019, Toyota was hit with a data breach that affected the sales info of almost 3.1 million users. Hackers breached Toyota’s IT systems and gained fake access to servers that contains sales info. The stolen data include names, birth dates, and job info of Toyota staff. The company stated that no credit card info was stolen in the breach.

The Toyota data breach had a severe impact on the company. After the event, many of its users expressed fears and concerns about the safety and security of their personal info. The breach led to a public relations crisis for the company. Of course, Toyota faced criticism for its handling of the whole event. The events also show the importance of data protection and cybersecurity. It also made many users become more cautious about how they share their personal info with companies.

However, Toyota was quick to respond to the data breach. The company issued a statement that states that it is aware of the issue and also told users that it is taking steps to take care of the issue. The company also set up a hotline for users to call if they had concerns or questions about the breach. In addition, a service to monitor the credit info of users was also set up by Toyota to protect their finances.

2022 Data Breach

In October 2022, Toyota announced a data breach that may have exposed the emails of up to 300,000 customers for a period of time. The company stated that the breach was caused by a third – party vendor who had access to Toyota’s systems. The vendor’s system was hacked, which led to the exposure of Toyota’s user data. Toyota stated that it had taken steps to prevent similar issues from happening in the future. This data breach did not cause as much fuss as the 2019 case did. The reason is quite obvious, it affects a far lesser number of people. 

Toyota

Impact of the Data Breaches

The data breaches have had a huge impact on Toyota’s ego and user trust. The company has faced criticism for its handling of data breaches and for not doing enough to protect its users’ data. The breaches have also exposed the weakness of Toyota’s IT systems and the need for better security measures.

Final Words

Toyota has been hit by several data breaches over the years, which have leaked the data of millions of users. The company has, however, taken steps to prevent similar cases from taking place in the future. Users of the car brand do not have to worry about the safety of their user data. The company did give its word that all data are now out of the public domain.

In this case (the latest data breach), no user data was used for any malicious purpose. In spite of this, the breach of user data had a huge impact on the face of Toyota as well as its user trust. It is quite good for car brands to take the safety of their user data very seriously.

Source/VIA :
Previous A Stunning Collection Of VR Games Available on Xbox Game Pass
Next The wait is over: PlayStation VR2 hits stores