Car manufacturer clients' data exposure incident
13.10.2022Back to news
The incident concerned Toyota clients. It turned out, that the problem was at the side of the T-Connect, which is Toyota company contractor. T-Connect provides Toyota clients with a number of functions, accessible via smartphone, such as: function of car opening, navigator usage, location tracking, scheduling maintenance and accessing driving analytics.
According to the official statement by Toyota representatives, all the affected clients had registered since July 2017. They also claimed, that the potentially compromised data included email addresses and customer management numbers; however, names, phone numbers or credit card details weren’t at stake.
The problem was that part of source code was inappropriately kept on GitHub and thus was exposed.
According to the Toyota representatives, the source code had been locked and affected parties were notified. It’s still unclear, if the data had been obtained or somehow misused.