Toyota Financial Services (TFS) is warning customers that it has suffered a data breach, stating that sensitive personal and financial data was exposed in the attack.
Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers.
Last month, the company confirmed that it had detected unauthorized access to some of its systems in Europe and Africa, after the Medusa ransomware claimed to have successfully breached the Japanese automaker's division.
The threat actors demanded a payment of $8,000,000 to delete the stolen data and gave Toyota 10 days to respond to their blackmail.
At that time, a Toyota spokesperson told BleepingComputer that the company had detected unauthorized access to some of its systems in Europe and Africa. The company took some systems offline to contain the breach, which affected customer services.
Apparently, Toyota has not negotiated a ransom payment with the cybercriminals, and currently all data has been leaked to Medusa's blackmail portal on the dark web.
Earlier this month, Toyota Kreditbank GmbH in Germany was identified as one of the affected departments, admitting that hackers gained access to personal customer data.
German news outlet Heise obtained a sample of the notices sent by Toyota to German customers informing them that the following data has been breached:
- Full name
- Contract information
- Hire-purchase details
- IBAN (International Bank Account Number)
This type of data can be used in phishing, social engineering, scams, financial fraud, and even identity theft attempts.
The notification verifies that the above data has been compromised based on the ongoing investigation. However, the internal investigation is not yet complete and there is still a possibility that the attackers had access to additional information.
Toyota promises to notify affected customers immediately if the internal investigation uncovers further data exposure.
BleepingComputer has reached out to Toyota for additional information, such as the exact number of customers exposed, but we have not heard back by press time.