Select Page

Incident: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au

Posted by | Jun 1, 2023 | , , , , , , , | 0 |

Incident: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au

Australian Automotive Incident, 01 June 2023

Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach

Access key was publicly available on GitHub for almost five years

Source: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au
Source: Toyota discloses data leak after access key exposed on GitHub | beepingcomputer

News agency Reuters reports, in the latest computer hack, the vehicle data of 2.15 million Toyota customers in Japan – almost all owners who signed up for the company’s cloud services from 2012 – had been “publicly available for a decade due to human error”.

After initially saying Toyota customers in Australia were not affected, the company has since done a U-turn. However, Toyota Australia issued the following statement: “On 12 May 2023, Toyota Motor Corporation confirmed the vehicle data of some users in Japan had been publicly accessible due to an error in the configuration of a cloud-based database.

Toyota discovered recently that a portion of the T-Connect site source code was mistakenly published on GitHub and contained an access key to the data server that stored customer email addresses and management numbers.

This made it possible for an unauthorized third party to access the details of 296,019 customers between December 2017 and September 15, 2022, when access to the GitHub repository was restricted.

 

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: 60GB of User Data Was Exposed by Australian Trading Company ACY Securities | Heimdal Security

Incident: 60GB of User Data Was Exposed by Australian Trading Company ACY Securities | Heimdal Security

June 6, 2022

Incident: ASIC sues financial services company for repeated hacks | iTnews

Incident: ASIC sues financial services company for repeated hacks | iTnews

August 21, 2020

Australia ranks second in defence think tank’s cyber security report | The Canberra Times

Australia ranks second in defence think tank’s cyber security report | The Canberra Times

December 12, 2017

Incident: Waverley Christian College confirms cyber incident after ransomware gang claims attack | Cyberdaily.au

Incident: Waverley Christian College confirms cyber incident after ransomware gang claims attack | Cyberdaily.au

December 18, 2024

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand
Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand

Scammers observed impersonating Aussie toll operator Linkt and the New Zealand Police and Ministry of Justice. • Wed, 29 Apr 2026 • … [...]

NZ council cyber attack leads to ID and financial data being exposed
NZ council cyber attack leads to ID and financial data being exposed

A cyber attack impacting a New Zealand city council has compromised the data of hundreds of people. • Wed, 29 Apr 2026 • Security *]:clear-none … [...]

Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group
Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group

Hackers claim to have stolen 441 gigabytes of data, including internal correspondence, driver’s licence scans and revealing Christmas party photos. • … [...]

Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims
Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims

Major Australian ice-cream retailer Gelatissimo has launched an investigation into claims made by hackers that the company was breached in a … [...]

Most Australians leaving data open to cybercriminals
Most Australians leaving data open to cybercriminals

Two-thirds of Australians are sharing key information that makes them easy targets for scammers and cyber criminals. The new research from the Department of Home Affairs also found more than [...]

NSW Treasury staffer charged over major data breach | 7NEWS
NSW Treasury staffer charged over major data breach | 7NEWS

A 45-year-old New South Wales Treasury employee has been arrested and charged with accessing and downloading over 5,500 sensitive government documents containing confidential, commercial and financial information across multiple NSW [...]

Warning Anthropic's Mythos could pose cyber risk to banks and critical infrastructure | The Business
Warning Anthropic's Mythos could pose cyber risk to banks and critical infrastructure | The Business

Australian banks, power providers and infrastructure firms do not have access to test their systems against a powerful new AI cybersecurity risk, Anthropic's Mythos. Anthropic has claimed Claude Mythos is [...]

Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations
Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations

A newly published Australian Army Research Centre paper has highlighted the need for Australia to establish an Australian national cyber reserve … [...]

Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX
Generation Life informs customers of ‘cyber incident’ as owner shares incident with ASX

Australian investment firm Generation Life says there is no evidence of any unauthorised transaction, but is investigating a potential data breach. • … [...]

PAW 2026
PAW 2026

On this page Privacy Awareness Week 2026 Trust is built here. In every privacy complaint. In every resolution. Privacy Awareness Week (PAW) is an annual … [...]

RentTech platforms must stop unfair and excessive personal information collection, says Privacy Commissioner
RentTech platforms must stop unfair and excessive personal information collection, says Privacy Commissioner

A determination issued today by the Privacy Commissioner finds that the 2Apply rental technology platform, operated by InspectRealEstate (IRE), … [...]

Warfare and cyber attacks: Implications for Australian organisations
Warfare and cyber attacks: Implications for Australian organisations

In brief Coordinated cyber-attacks formed an integral part of the lead-up to and the opening phase of the 2026 Iran war, operating in tandem with … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading