Toyota has warned users of the Toyota smartphone app that they may receive spam, phishing scams or unsolicited emails after around 296,000 customer details were leaked.
According to Reuters, 296,019 email addresses and customer numbers were leaked. These come from users of T-Connect, a telematics service that connects vehicles via an online network.
(Photo: BEHROUZ MEHRI/Getty Images)
Toyota apologizes to affected customers
Customers who have signed up for T-connect using their email addresses since July 2017 are affected by the leak, according to Gizmodo.
Fortunately, only the email addresses and customer numbers were leaked. Other sensitive information such as customer names, phone numbers and credit card information was not affected, according to Toyota.
At the time of writing, no cases of misuse of customer information have yet been reported, according to the Japanese automaker. Despite this, Toyota still warns users that they might receive spam, phishing scams, or unsolicited emails.
Based on the investigation by security experts, they cannot confirm whether there is third-party access from the data server access history.
However, according to Toyota, they cannot completely rule out that no third-party access has occurred.
As part of the leak, Toyota sent individual apologies to the registered emails of users affected by the breach.
The leak incident happened because a contractor, who was a developer of the T-Connect website, accidentally uploaded part of the source code to a GitHub account. And instead of going private, it went public.
Github is an Internet hosting service for developers for version control and collaboration. According to Toyota, making the code public violates the automaker’s handling rules.
To better assist customers, a dedicated call center has also been set up by the company to answer customer questions about the data leak.
Additionally, the automaker has also implemented a website form where users can check if their email is among those compromised.
Read also : 2022 Toyota Tundra vs. F-150 Raptor vs. Hyundai Santa Cruz in Drag Race: Top Speed, 389 Horsepower Engine
Toyota suffered a cyberattack in the past
Automotive apps put users’ personal information at risk, experts say. Researchers at cybersecurity firm Kaspersky released a report in May that found more than half of these automotive apps use customers’ personal information.
Additionally, these automotive apps do not ask users for consent before using their personal information. The problem is that these car apps are vulnerable to security vulnerabilities.
This is not the first time that Toyota has suffered a cyberattack. In February, it halted operations at its 14 domestic factories after a supplier of plastic parts and electronic components fell victim to a suspected cyberattack.
The automaker lost around 13,000 cars due to the incident. While a Toyota spokesperson said it was a “vendor system failure,” a spokesperson for Kojima Industries Corp. said it was some kind of cyberattack.
Toyota’s production shutdown due to the cyberattack came as the automaker faces supply chain disruptions around the world from the COVID-19 pandemic. The pandemic has forced the company and other automakers to curb production.
Related article: Toyota Reveals Details of Its New Crown Model – What Does It Look Like?