Toyota warns customers of data breach exposing personal, financial info

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack.

Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers.

Last month, the company confirmed that it detected unauthorized access on some of its systems in Europe and Africa, following a claim from Medusa ransomware about successfully compromising the Japanese automaker's division.

The threat actors demanded a payment of $8,000,000 to delete the stolen data and gave Toyota 10 days to respond to their blackmail.

At the time, a Toyota spokesperson told BleepingComputer that the company had detected unauthorized access on some of its systems in Europe and Africa. The company took certain systems offline to contain the breach, which impacted customer services.

Presumably, Toyota has not negotiated a ransom payment with the cybercriminals, and currently, all data has been leaked on Medusa's extortion portal on the dark web.

New Paragraph



Earlier this month, Toyota Kreditbank GmbH in Germany was identified as one of the impacted divisions, admitting that hackers gained access to customers' personal data.

German news outlet Heise received a sample of the notices sent by Toyota to German customers, informing that the following data has been compromised:

• Full name
• Residence address
• Contract information
• Lease-purchase details
• IBAN (International Bank Account Number)

This type of data can be used in phishing, social engineering, scams, financial fraud, and even identity theft attempts.

Notice sent to impacted customers (Heise)