Australian Toyota customers caught up in global data breach
Personal details of Toyota customers in Australia may have been publicly accessible for more than five yearsToyota has confirmed Australian customers may have had their personal details accessed by computer hackers and made publicly available online as part of a global data breach uncovered last month.
The company previously said no Australian customers were impacted by the data breach, which was first announced by Toyota Motor Corporation (TMC) in Japan on May 12.
That has now changed, with Toyota Australia admitting today that personal information belonging to a “comparatively small number” of about 2800 customers – compared to the 2.15 million identified in Japan alone – had been compromised.
In a statement issued overnight, TMC said the information breached includes names, addresses, phone numbers, email addresses, customer IDs, vehicle registration and vehicle identification numbers (VINs).
It said that “at present, we have not confirmed any secondary damage; vehicle location, credit card information, etc are not included in this incident”.
However, TMC also admitted that the sensitive information that has been leaked may have been public accessible since October 2016.
In a statement issued to carsales, a Toyota Australia spokesperson said:
“On 12 May, Toyota Motor Corporation confirmed that the vehicle data of some users in Japan had been publicly accessible due to an error in the configuration of a cloud-based database.
“At the time of that notification, it was our understanding that no Australian data was included but, upon continued investigation, we now know that a comparatively small number of Australian records have been impacted.
“Our investigations have found no evidence that the data has been accessed, and we have concluded that the probability is extremely low that any third party could have accessed it.
“While the data may include vehicle information, as well as some personal information such as names and some contact information, no personal financial details are included.
“Toyota Australia recognises the concern that this may cause to our customers, and we are working to contact directly those impacted to advise them of the situation, and to detail the measures that we have taken to ensure the security of our systems and their data.
“We continue to liaise with Toyota head office in Japan, and we will provide updates should additional information become available.”
In Japan, TMC also said overnight that “as we believe that this incident also was caused by insufficient dissemination and enforcement of data handling rules, since our last announcement we have implemented a system to monitor cloud configurations”.
“Currently, the system is in operation to check the settings of all cloud environments and to monitor the settings on an ongoing basis,” the company said.
“In addition, we will work closely again with TC [Toyota Connected Corporation] to explain and thoroughly enforce the rules for data handling. We will also work to prevent a recurrence by thoroughly educating our employees once again.
“We sincerely apologise to our customers and all relevant parties for any concern and inconvenience this may have caused.”
Join the conversation at
Or email us at
Or email us at
Please see our Editorial Guidelines & Code of Ethics (including for more information about sponsored content and paid events). The information published on this website is of a general nature only and doesn’t consider your particular circumstances or needs.
