Who:
Perpetrators: A threat actor named ZeroSevenGroup
What:
Incident: A third-party data breach exposed 240GB of Toyota employee and customer data, including contacts, financial details, and network infrastructure information. The threat actor leaked the stolen data on a hacking forum, claiming it included sensitive credentials and other critical information.
Toyota's Response: Toyota confirmed the breach, clarified that its internal systems were not compromised, and is working with affected individuals, though details about the breach and the third-party entity involved remain undisclosed.
Impact:
Data Exposure: The breach affects a significant amount of sensitive data, with potential implications for Toyota employees, customers, and the company's security posture.
Ongoing Risks: The exposure of network infrastructure information and credentials poses ongoing security risks for Toyota and its partners. The breach also adds to a series of recent security incidents impacting the company, raising concerns about data protection practices.
Read the full article HERE