Toyota data breach overview:
- Who: Toyota Motor Corp. subsidiary Toyota Financial Services confirmed it discovered unauthorized activity on some of its systems in Europe and Africa.
- Why: The reveal came after the Medusa ransomware group posted Toyota Financial Services on its data leak site on the dark web and demanded a ransom.
- Where: The data breach affects consumers nationwide.
Toyota Financial Services confirmed it discovered unauthorized activity on some of its systems in Europe and Africa after the Medusa ransomware group claimed to have stolen data during a breach.
Medusa listed Toyota Financial Services, a subsidiary of Toyota Motor Corp., on its data leak site on the dark web and demanded a ransom payment of $8 million to delete the allegedly stolen data, Bleeping Compute reports.
The group reportedly gave Toyota Financial Services 10 days to respond to the ransom demand with an option to extend the deadline at a price of $10,000 per day.
Medusa posted a countdown clock on its website blog that shows the exact amount of days, hours, minutes and seconds Toyota allegedly has left before the group leaks the data, a screenshot posted by Bleeping Computer reveals.
Toyota Financial Services has not confirmed Medusa stole any data despite the threat actor’s claims.
Medusa ransomware group published sample of stolen Toyota data
To prove it possesses the stolen data, Medusa published sample data that included purchase invoices, financial documents, cleartext user IDs, passwords and passport scans, among other things, Bleeping Computer reports.
The ransomware group also reportedly provided a file with a tree structure of the data it alleges to have stolen from Toyota’s systems, with the majority of the documents reportedly in German.
In a statement to Bleeping Computer, Toyota says it took “certain systems offline” so it could “investigate the activity and to reduce risk,” while noting it has also been working with law enforcement in the wake of the attack.
In other news involving Toyota, the automaker announced a recall for more than 1.8 million model year 2013-2018 RAV4 vehicles earlier this month over concerns the housing for some of its replacement 12-volt batteries could become loose if their hold-down clamp is not properly tightened, causing a fire hazard in the event of a forceful turn.
Are you affected by the ransomware attack against Toyota? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
7 thoughts onToyota Financial Services confirms data breach
Please add me
Please add me Cynthia Wiley
Please add me to this lawsuit
Add me please
I didn’t know their was one. Add me please
Toyota breach?
Please add me