Toyota Kirloskar Motor, a joint venture between Toyota and Kirloskar to facilitate the manufacturing and sales of Toyota vehicles in India, has potentially suffered a data breach. When Toyota’s T-Connect feature was developed in 2017, some of its website source code was unintentionally published on GitHub by a subcontractor working on the project. This code was publicly available from December 2017 until September 15th, 2022, when it was noticed. The repository was then locked, and the keys were modified; however, prior to this, the information of nearly 300,000 Toyota customers may have been exposed. Customer information such as email addresses and management numbers were included in the data that was potentially accessed. Toyota released a statement regarding this incident, a portion of which read, “As a result of an investigation by security experts, although we cannot confirm access by a third party based on the access history of the data server where the customer’s email address and customer management number are stored; at the same time, we cannot completely deny it.” Toyota plans to directly reach out to customers that potentially had their information exposed.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.