Toyota has revealed 10 years of car data

Toyota has revealed 10 years of car data

Toyota Motor Corporation accidentally contacted him open on the internet (and thus accessible to all) car data of more than 2 million users in the period of almost 10 years. In practice, anyone could freely access the information, as it was not password protected. The security incident affects Japanese customers only. A similar “carelessness” was confirmed at the end of March by Toyota Motor Italia.

Millions of data are available from the Internet

In the official statement of the automaker, it is stated that the data of the cars 2.15 million customersoperated by Toyota Connected Corporation, were exposed to the public between November 6, 2013 and April 17, 2023. The security incident was caused byincorrect configuration of the cloud environment that allowed access to the database without a password.

Affected users are those who signed up for T-Connect, G-Link, G-Link Lite and G-Book services between January 2, 2012 and April 17, 2023, so also Lexus owners. The data displayed are: GPS navigation terminal number, vehicle position with date and chassis number. All affected customers have been contacted.

This information does not allow us to track users’ personal data. Currently there have been no reports of access and data theft. It is clear that various measures have been implemented to prevent invasion from outside.

At the beginning of October 2022, Toyota has confirmed that the email addresses of some 300,000 customers were exposed for about five years. Part of the source code of the T-Connect software, published on GitHub, contained a private key that allowed access to the server where the data was stored.