Toyota has confirmed that its network was subjected to a limited compromise following threat actor ZeroSevenGroup's exposure of 240 GB of data purportedly stolen from the Japanese multinational automaker's U.S. branch, BleepingComputer reports.
Infiltration of the Toyota branch has enabled the exfiltration not only of data from customers and employees but also financial information, contracts, emails, and network infrastructure details, which have been obtained through the ADRecon tool, claimed ZeroSevenGroup. Attackers were noted by BleepingComputer to potentially have obtained backup data server access after the theft or creation of the exposed files was discovered to have occurred on Christmas 2022. Such a development comes months after the discovery of several misconfigurations in Toyota's cloud services that leaked millions of customers' personal details and car-location data for nearly a decade. Moreover, Toyota Financial Services also reported having its customers' data compromised following a Medusa ransomware attack against the automaker's European and African systems last November.