Mazda confirms limited employee, business partner data breach

BleepingComputer reports that Mazda Motor Corporation has confirmed the compromise of 692 records with employee and business partner information in a December security incident. Unauthorized access to the Japanese automaker's warehouse operation management system for Thailand-sourced parts allowed threat actors to obtain user IDs, full names, company names, email addresses, and business partner IDs. Attempted misuse of the stolen data was not observed, according to Mazda, which emphasized that no customer information was stored in the affected system as it implemented additional safeguards on its IT systems. "Following this discovery, the Company promptly reported the matter to the Personal Information Protection Commission an external bureau of the Japanese Cabinet Office and implemented appropriate security measures and conducted an investigation in cooperation with an external specialist organization," the company said. Such a development comes after Mazda and its U.S. subsidiary were allegedly attacked by the Clop ransomware operation in November, claims that Mazda never officially confirmed.