Japanese car maker Toyota announced its second data breach today, making it the second cyber-security incident the company acknowledged in the past five weeks.
While the first incident took place at its Australian subsidiary, today’s breach was announced by the company’s main offices in Japan.
Toyota and Lexus car owners data at risk
The company said hackers breached its IT systems and accessed data belonging to several sales subsidiaries.
The list includes Toyota Tokyo Sales Holdings, Tokyo Tokyo Motor, Tokyo Toyopet, Toyota Tokyo Corolla, Nets Toyota Tokyo, Lexus Koishikawa Sales, Jamil Shoji (Lexus Nerima), and Toyota West Tokyo Corolla.
Toyota said the servers that hackers accessed stored sales information on up to 3.1 million customers. The carmaker said there’s an ongoing investigation to find out if hackers exfiltrated any of the data they had access to.
Customer financial details were not stored on the hacked servers, Toyota said. However, the company didn’t say what type of info hackers might have accessed either.
“We apologize to everyone who has been using Toyota and Lexus vehicles for the great concern,” a Toyota spokesperson said today in a message to the press.
“We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group.”
APT32?
This is the second cyber-security the company has announced this year, after disclosing a similar incident in late February, but affecting its Australian branch.
The attack on its Australian office was more disruptive in nature, bringing down Toyota Australia’s ability to handle sales and deliver new cars, and has been attributed by some industry experts to APT32 (OceanLotus), a Vietnamese cyber-espionage unit with a known focus on the automotive industry.
Experts suggested that APT32 hackers might have targeted Toyota’s Australia branch as a way to get into Toyota’s more secure central network in Japan.