Home > News

Customer Data at Risk After Toyota and Lexus Dealerships Hacked in Japan

By Laura Tucker
News Toyota Dealership Data Breach Featured

By this point we need to realize that data breaches can hit anywhere. No matter where your information is being stored, it’s at risk of being hacked. This includes the information you leave behind after purchasing a car. It was confirmed that Toyota and Lexus dealerships in Japan suffered a data breach of customer data.

Car Dealership Breaches

As many as 3.1 million items of customer data are at risk in the data breach of the Toyota and Lexus dealerships in Japan. Toyota confirmed the attack and said “information that may have been leaked this time does not include information on credit cards,” so perhaps customers can take solace in that.

This is not the first major data breach to hit Toyota, however. Toyota Australia dealt with a disruptive cyber attack in February.

Toyota didn’t publish much information about the hack of the Toyota and Lexus dealerships but do acknowledge “unauthorized access on multiple dealerships around the Tokyo area of Japan on March 21.”

The 3.1 million pieces of customer data was stored on a service that was connected to that network. It’s unknown if it was compromised, and although the company insists no credit card data was compromised, they did not mention what other information may have been breached and acknowledged access but not that it was exfiltrated.

The global senior vice president of cyber security services at Nominet, Simon Whitburn, called it troubling that Toyota is unsure of the extent of the damage.

News Toyota Dealership Data Breach Lexus

“The ability to forensically analyze a data breach is equally as important as presenting it in the first place,” he said. He added that “with so much at risk for customers, businesses cannot afford to play a guessing game about whether data was stolen.”

There was also an attack on Australian dealerships in February, and some security analysts connected it to the Vietnamese cyber security unit known as APT32. The Risky Business podcast suggested that attack could have been used as a preliminary action before the more secure dealerships in Japan were hit.

Whitburn said, “It is thought that the central systems in Japan were accessed through weaknesses in the Australian system, meaning that clearly the network architecture is not secure.”

The Reach of the Attack

The information belonging to all Toyota or Lexus owners could be in danger, as it seems the hackers had access to the Toyota central network. The senior technical evangelist at Synopsys, Tim Mackey, said, “Current and former owners of Toyota vehicles should be concerned about this breach.”

“With attackers potentially gaining access to sales records, that data provides a perfect profile from which to build a spear-phishing attack,” he added.

Are you a Toyota or Lexus vehicle owner? Does this news concern you? Let us know your thoughts on the cyber attack of Toyota and Lexus dealerships in the comments below.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Laura Tucker Avatar
Laura Tucker
Laura has spent more than 20 years writing news, reviews, and op-eds, with the majority of those years as an editor as well. She has exclusively used Apple products for the past 35 years. In addition to writing and editing at MTE, she also runs the site’s sponsored review program.

Read next

Octopuses possess roughly 500 million neurons distributed across their body, with two-thirds located in their arms rather than their central brain, meaning each arm can taste, problem-solve, and react to stimuli independently of whatever the octopus is otherwise paying attention to.
Explore the historic Roman bridge in lush Salamanca, Spain captured beautifully in daylight.
The Roman aqueduct at Segovia, built around the first century AD without mortar, still carried water into the 1970s, its 167 granite arches held together by nothing but the precise weight distribution of stones cut to fit each other within fractions of a millimeter.
When the SS Great Eastern laid the first working transatlantic telegraph cable in 1866, a message that had taken ten days by steamship suddenly crossed the ocean in minutes, and the financial markets of London and New York were forced, within a single trading week, to invent the modern concept of synchronised global price.
From below of blue starry sky over radio telescope and trees with leaves
The Big Ear telescope was scanning at 1420.4056 megahertz on the night of 15 August 1977, the exact frequency at which hydrogen atoms vibrate across the universe, because Giuseppe Cocconi and Philip Morrison had argued years earlier that any species trying to be found would broadcast on that channel — and then, for 72 seconds, something did.
In 2016, archaeologists dated two rings of snapped stalagmites in France’s Bruniquel Cave to 176,500 years ago, evidence that Neanderthals had walked 336 metres into darkness with fire and built architecture deep underground long before modern humans reached Europe
Otto von Bismarck was 74 when Germany adopted the world’s first national old-age social insurance program in 1889, setting the pension age at 70 after years of fighting socialists with bans, laws, and a promise few workers would live long enough to use
When cosmonaut Valeri Polyakov stepped out of his Soyuz capsule in March 1995 after 437 consecutive days aboard Mir, doctors recorded him at several centimetres above his pre-flight height, and his spine had become so unaccustomed to gravity that the recovery team carried him to a chair rather than risk the compression of letting him walk.
When Bell Labs engineer Karl Jansky pointed a rotating antenna at the sky in 1932 looking for sources of transatlantic radio static, he kept picking up a faint hiss that peaked every 23 hours and 56 minutes, and he eventually realized he had become the first human to hear the center of the Milky Way.