Toyota says some customers in Asia, Oceania face risk of data leak

FILE PHOTO: The Toyota logo is seen at its booth during a media day for the Auto Shanghai show in Shanghai, China April 19, 2021. REUTERS/Aly Song/File Photo

TOKYO (Reuters) - Toyota Motor Corp said on Wednesday that information on customers in some countries in Oceania and Asia, excluding Japan, may have been left publicly accessible from October 2016 to May 2023.

Customer information that may have been accessible externally included names, addresses, phone numbers, email addresses, and vehicle identification and registration numbers, the company said.

The incident follows its announcement this month that the vehicle data of 2.15 million users in Japan, or almost the entire customer base who had signed up for its main cloud service platforms since 2012, had been publicly available for a decade because of human error.

The world's largest automaker by sales said the latest issue was discovered when it launched a broad investigation into cloud environments managed by Toyota Connected Corp after the earlier incident.

"As we believe that this incident also was caused by insufficient dissemination and enforcement of data handling rules ... we have implemented a system to monitor cloud configurations," Toyota said.

The issue arose because of a setting error in the cloud environment where the automaker stored customer data collected by overseas dealers for handling and managing maintenance inspections of vehicles.

Toyota is investigating the issue based on the laws and regulations of each country, a company spokesperson said.

Toyota did not say how many customers were affected by the incident, in which countries they are located exactly, and whether customers of its luxury Lexus brand were affected.

Through Connected, which is majority owned by the automaker, Toyota offers individual and business customers mobility solutions, such as a smart key function, a 24-hour operator, and location-based route guidance and traffic congestion information services.

Only part of customers' information may have been externally accessible, the company said.

Toyota said it had also investigated whether there were any third-party copies or use of its customer data and found no evidence of such use, adding vehicle location and credit card information were not included in the incident.

It said customer information "may have been potentially accessible externally" but did not elaborate on how the information could have been accessed.

The company initially uncovered the incident announced this month by chance, during inspections that started on April 7, the spokesperson said.

(Reporting by Daniel Leussink; editing by Gerry Doyle and Jason Neely)

Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!


Next In Tech News

Intel hit with $400 million EU antitrust fine in decades-old case
I queue, I buy, I sell: New iPhone 15 being resold online soon after official launch in S’pore
Amazon to roll out ads on Prime Video in 2024
'Power, influence, notoriety': The Gen-Z hackers who struck MGM, Caesars
Despite China’s iPhone ban, buyers and scalpers are flocking to Apple Stores
EU set to demand e-fuel cars have no climate impact -document
TikTok’s rules deter researchers from crunching data on users, misinformation
Toyota to speed up EV production, aims for over 600,000 vehicles in 2025 - Nikkei
US farmers, tech tycoons square off over plans for utopian city
‘Wow, so amazing’: Paralysed stray cat in China reportedly healed by traditional Chinese medicine students with joint and acupuncture treatments, trends online

Others Also Read