A data breach revealed by Toyota Motor Corporation exposed information on more than 2 million consumers over ten years.
A misconfigured database that was open to everyone without authentication was the source of the data breach.
The security breach impacted customers who used the company’s T-Connect G-Link, G-Link Lite, or G-BOOK services.
Exposed records include customer names, credit card data, and phone numbers have not been compromised as they weren’t stored in the exposed database.
Source: https://securityaffairs.com/146178/data-breach/toyota-10-years-data-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/toyota
"id": "toy221228523",
"linkid": "toyota",
"type": "Breach",
"date": "05/2023",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 2000000,
'industry': 'Automotive',
'name': 'Toyota Motor Corporation',
'type': 'Corporation'}],
'attack_vector': 'Misconfigured Database',
'data_breach': {'number_of_records_exposed': 2000000,
'personally_identifiable_information': ['customer names'],
'type_of_data_compromised': ['customer names']},
'description': 'A data breach revealed by Toyota Motor Corporation exposed '
'information on more than 2 million consumers over ten years. '
'A misconfigured database that was open to everyone without '
'authentication was the source of the data breach. The '
'security breach impacted customers who used the company’s '
'T-Connect G-Link, G-Link Lite, or G-BOOK services. Exposed '
'records include customer names, credit card data, and phone '
'numbers have not been compromised as they weren’t stored in '
'the exposed database.',
'impact': {'data_compromised': ['customer names'],
'systems_affected': ['T-Connect G-Link', 'G-Link Lite', 'G-BOOK']},
'title': 'Toyota Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Open database without authentication'}