HQ/EMEAFind out how we can help your business
Toyota Financial Services (TFS), a subsidiary of the global automotive manufacturing company Toyota Motor Corporation, has revealed the implications of the data breach incident that affected its systems last month.
According to the company, last month’s breach exposed their customers’ sensitive personal and financial information. This confirmation prompted TFS to warn its clientele.
TFS, operating in 90% of the markets where Toyota sells its cars, identified unauthorised access to some of its systems in Europe and Africa. The breach emerged following a claim by the Medusa ransomware group.
The Medusa ransomware gang claimed responsibility for the cyberattack on Toyota Financial Services.
The Medusa ransomware group claimed that they compromised Toyota Financial Services. They demanded $8,000,000 payment to delete the stolen data and gave the Japanese corporation a 10-day deadline to respond to their demands.
On the other hand, Toyota spokespersons confirmed the breach and immediately took affected systems offline to contain the incident. Unfortunately, the breach had consequences for customer services as the company addressed the fallout of the cyberattack.
One impacted division, Toyota Kreditbank GmbH in Germany, admitted that the attackers accessed customers’ data. German news outlet Heise received sample notices sent to affected customers, revealing compromised information.
The confirmed stolen data includes essential details, such as full names, residence addresses, contact details, lease-purchase information, and International Bank Account Numbers (IBAN).
This exposed data carries severe implications since the threat actors acquiring these details could execute various cybercriminal operations, like phishing and social engineering attempts to scams, financial fraud, and identity theft.
However, Toyota has not negotiated with the ransomware group, and the stolen data is now on its way onto Medusa’s extortion portal on the dark web.
Despite ongoing internal investigations, Toyota has confirmed the compromised data based on the initial findings. The company assured everyone to update affected parties promptly as the investigation finds new details about the attack.
Toyota has yet to respond to any inquiries, leaving questions about the exact number of exposed customer data. Therefore, potentially impacted customers should beware of unsolicited communications as the threat actors could spread the stolen data to other hackers.
