Toyota reports second breach in five weeks
For the second time in five weeks, Toyota has acknowledged a breach – this one affecting 3.1 million customers at its subsidiaries while the first was in Australia and believed to be the work of Ocean Lotus, or APT32.

The company isn’t yet sure if the hackers nicked any data from its systems but said customers of subsidiaries, including Lexus Koishikawa Sales, Lexus Nerima, Toyota Tokyo Sales Holdings, Toyota West Tokyo Corolla, Toyota Tokyo Corolla and Tokyo Tokyo Motor, were among those that could be affected.

“I expect that Toyota’s Japanese customers are collateral damage in an attempt to steal Toyota’s intellectual property,” said Lucy Security CEO Colin Bastable. “Toyota’s response, saying that they will implement additional security measures, reminds me of the recent Airbus attack and their similar remedial approach to cybersecurity.”

While large companies can expect to be the target of hackers and Toyota has claimed to be “taking this incident seriously,” DivvyCloud CTO Chris DeRamus said the automaker should have had “security tools and plans in place already to proactively avoid cyberattacks in the first place.” Calling data “the new oil in our digital era,” DeRamus stressed “companies should be doing everything they can to protect it.”

The two hacks in quick succession highlight a deeper problem with visibility across the company’s networks. “Toyota’s recent data breaches highlight the fact that global enterprises do not have ample visibility into their massive networks and infrastructure, and therefore are not able to take proper actions to avoid data leaks,” said Jonathan Bensen, CISO and senior director of product management at Balbix, adding that Toyota could suffer reputational damage as a result.

“Any breach of personal identifiable information (PII) is reason enough for customers to be alarmed,” said Bensen, noting that not just data but rather trust gets breached in a hack. “Suffering multiple security incidents within such a short time frame can significantly affect company reputation.”

Particularly in Japan, said Bastable, whose society is built on trust.

That the company doesn’t know what data was affected and if any had been nabbed by hackers is “troubling,” said Simon Whitburn, global senior vice president of cybersecurity services at Nominet, who added that Toyota should thoroughly review its security systems to identify any weaknesses. “It is thought that the central systems in Japan were accessed through weaknesses in the Australian system, meaning that clearly the network architecture is not secure.”

But Tim Erlin, vice president of product management and strategy at Tripwire, said it’s too early to say whether the two incidents are related, until Toyota’s investigation turns up additional details on the methods and tools the hackers used. “But it’s difficult to say definitively that they are not without more information.”