Following the second breach in five weeks, Toyota has announced that multiple Toyota and Lexus subsidiaries may have been hacked. While there has been no confirmation if any information on the consumers were touched, the holdings of Toyota Sales Holdings Inc., a subsidiary of Toyota across Japan, have detected unauthorized access to their systems.
Toyota released a press release from their global newsroom detailing what they were able to ascertain so far about the breach. “We have not confirmed the fact that customer information has been leaked at this time, but we will continue to conduct detailed surveys, placing top priority on customer safety and security.”
The company also announced that they are working closely with the North American Toyota branch to ensure safety saying that “[a]dditionally, three other independent dealers in Japan are possibly involved. Toyota Motor North America (TMNA) is monitoring the situation closely and is currently unaware of any compromise of TMNA systems associated with this incident or evidence that Toyota or Lexus dealers in the United States have been targeted.”
It’s believed that the hack was in conjunction with a large-scale coordinated attack by Vietnamese-backed group, known as APT32. FireEye, the cybersecurity company, says that APT32 is targeting companies who are investing in Vietnam’s economic sectors. These include the areas of manufacturing, hospitality, consulting, and consumer products industries. It’s believed that Vietnam is attempting to launch its own domestic car manufacturer and the breach may have something to do with that.
The first attack was located in Toyota’s Australian branch, causing much more disruption to the manufacturer’s workflow. APT32 was also attributed to these attacks, interrupting the flow of supplies to dealerships and the ability to sell and deliver new cars. Toyota has attributed the hacking group to the attack but has yet to comment on speculation that the Australian branch was targeted to infiltrate the Japanese branch.