Toyota Motor today announced a cybersecurity incident in which its subsidiary Toyota connected mistakenly set a portion of about 2.15 million customers’ information to be publicly viewable on the Internet.
Toyota said in a statement that the cause of the customer data breach was a setup error in the cloud environment. The content that was leaked included vehicle numbers and location information. Toyota responded that the information was for internal management and would not be traced to individual customers.
The data breach covered approximately 2.15 million subscribers to Toyota’s T-Connect, G-Link, G-Link Lite and G-BOOK telematics services from January 2, 2012 to April 17, 2023, It is learned from a Toyota Connect briefing document. Also affected are recordings of car recorders uploaded to the cloud using the enterprise services provided by Toyota Connect between November 14, 2016 and April 4, 2023, which can also be publicly accessed on the Internet.
The company also said that the system error has now been fixed and that there is no confirmed wrongful use of the data.
