The ransomware attack on Toyota last month unfortunately did compromise some customer data after all.
The automaker recently sent letters to German customers saying their personal info was exposed when the Medusa hacker group hit Toyota Financial Services.
At first Toyota thought no data was actually stolen. But now names, addresses, financial details, and more seem to have leaked and are even for sale online.
Medusa originally demanded an $8 million ransom to delete the data, which Toyota refused to pay. Never a good idea to give in to criminal extortion!
But that means customers are paying the price now with their personal info out there. Toyota is still investigating with authorities and cybersecurity pros.
More breach notices may come if they uncover wider high-risk leaks. For now it’s limited to Germany where disclosure laws required informing affected folks.
The attack also disrupted financial services and vehicle deliveries temporarily. But Toyota says most systems are restored now.
Still, this breach is a big black eye. Customers need to watch for potential identity theft with their data leaked. And it could further tarnish trust in connected cars.
Toyota emphasizes they’re working with law enforcement to fight the criminals. But the damage is done – companies have to boost security to keep determined hackers out.
Ransomware remains a huge threat. Let’s hope Toyota and others learn to better protect customer data going forward. Don’t pay ransoms, prevent breaches!
