Select Page

Incident: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au

Posted by | Jun 1, 2023 | , , , , , , , | 0 |

Incident: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au

Australian Automotive Incident, 01 June 2023

Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach

Access key was publicly available on GitHub for almost five years

Source: Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach | drive.com.au
Source: Toyota discloses data leak after access key exposed on GitHub | beepingcomputer

News agency Reuters reports, in the latest computer hack, the vehicle data of 2.15 million Toyota customers in Japan – almost all owners who signed up for the company’s cloud services from 2012 – had been “publicly available for a decade due to human error”.

After initially saying Toyota customers in Australia were not affected, the company has since done a U-turn. However, Toyota Australia issued the following statement: “On 12 May 2023, Toyota Motor Corporation confirmed the vehicle data of some users in Japan had been publicly accessible due to an error in the configuration of a cloud-based database.

Toyota discovered recently that a portion of the T-Connect site source code was mistakenly published on GitHub and contained an access key to the data server that stored customer email addresses and management numbers.

This made it possible for an unauthorized third party to access the details of 296,019 customers between December 2017 and September 15, 2022, when access to the GitHub repository was restricted.

 

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: Australian company Jands appears to have been hit by Windows ransomware | iTWire

Incident: Australian company Jands appears to have been hit by Windows ransomware | iTWire

September 1, 2020

Incident: Rio Tinto says staff’s personal data may have been hacked in memo after an attack on GoAnywhere software | ABC News (Australia)

Incident: Rio Tinto says staff’s personal data may have been hacked in memo after an attack on GoAnywhere software | ABC News (Australia)

March 23, 2023

Incident: SA Health patients caught up in data breach of third-party platform Personify Care | ABC News (Australia)

Incident: SA Health patients caught up in data breach of third-party platform Personify Care | ABC News (Australia)

October 28, 2023

Incident: Life Saving Victoria server hacked by ‘malicious actors’ | ABC News Australia

Incident: Life Saving Victoria server hacked by ‘malicious actors’ | ABC News Australia

December 24, 2023

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

State Library of NSW responding to April cyber intrusion
State Library of NSW responding to April cyber intrusion

Library services remain offline following “suspicious activity in our catalogue”; services are expected to be back online by the end of the month. • … [...]

Directors told to stop admiring the AI problem and start governing it - AICD
Directors told to stop admiring the AI problem and start governing it - AICD

Directors told to stop admiring the AI problem and start governing it Friday, 15 May 2026 Brisbane played host to the AICDs’ Tech Governance Forum last … [...]

Student hackers take on 'ethical battle' beyond cyber attacks and exploits
Student hackers take on 'ethical battle' beyond cyber attacks and exploits

When more than 100 hackers meet in a room, it might be a good idea to update your password. But these cybersecurity sleuths have gathered for a good … [...]

How Australia's ASIC v FIIG decision supports your cyber investment business case
How Australia's ASIC v FIIG decision supports your cyber investment business case

What you need to know First AFSL cyber penalty: FIIG's $2.5 million penalty is the first cyber security penalty under general financial services … [...]

APRA and ASIC Sound the AI Alarm for Boards and Executives
APRA and ASIC Sound the AI Alarm for Boards and Executives

What you need to know APRA and ASIC have sent powerful messages to regulated entities regarding AI, cyber security and operational resilience in … [...]

Exclusive: INC Ransom claims cyber attack on Australian engineering service company
Exclusive: INC Ransom claims cyber attack on Australian engineering service company

Threat actors have claimed a cyber attack on an Australian engineering solutions company and are threatening to publish data they allegedly … [...]

Exclusive: Major cleaning and facility services firm confirms third-party cyber incident
Exclusive: Major cleaning and facility services firm confirms third-party cyber incident

Major private cleaning and facility services firm Menzies Group has confirmed a cyber incident that occurred after a third-party IT provider was … [...]

Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims
Exclusive: Australian College of Business Intelligence investigating Qilin ransomware claims

A Sydney-based vocational college has found no evidence of compromised student data after being listed on the leak site of a prolific hacking group. • … [...]

Victorian bulk porting scammer gets over two years in prison
Victorian bulk porting scammer gets over two years in prison

A 35-year-old man from Lynbrook, south-east Melbourne, has received a prison sentence of two years and two months, with a 12-month non-parole period, … [...]

NSW cyber cops bust alleged bullion-buying BEC bandits
NSW cyber cops bust alleged bullion-buying BEC bandits

NSW Police have charged three people over an alleged $600,000 business email compromise (BEC) scam operation, after detectives caught a young woman … [...]

Miners’ data targeted as hackers hold software provider to ransom
Miners’ data targeted as hackers hold software provider to ransom

Dozens of Australian mining companies are scrambling to access their key technology systems after a major software supplier to the sector was … [...]

Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts
Instructure dealing with Canvas cyberhackers a dangerous tactic, say experts

The company that runs Canvas has painted a target on its back for future extortion attempts by making a deal with hackers, according to cybersecurity … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading