Toyota has been hit with a second data breach within a month’s time. This time around 3.1 million items of customer information may have been leaked. Among the subsidiaries affected by the breach are Toyota Tokyo Sales Holdings Co. Ltd., Tokyo Toyopet Co. Ltd., Nets Toyota Tokyo Co., Tokyo Motor Co. Ltd., and Toyota Tokyo Corolla Co. Ltd.
In addition to the five companies, Lexus Koishikawa Sales Co. Ltd., Jamil Shoji Co. Ltd. (Lexus Nerima), and Toyota West Tokyo Corolla Co. Ltd. were among the affected.
The company has said in its press release that there was some inadvertent exposure of customer data but assured that the payment data remained unaffected. The company has chosen to only conjecture on the matter and has not confirmed the possibility of malicious actors accessing the exposed customer data. Nonetheless, the company apologized to its customers through the press release.
The company’s Australian arm had similarly experienced a cybersecurity breach in February and was of more disruptive nature than the Japan-incident. There have also been reports that Toyota Vietnam too had to endure a similar security breach, but the details about the incident are still unclear. According to some reports online, these attacks are being attributed to a Vietnamese hacker group called APT32 which largely focuses on the automotive industry.