Toyota suffers second data breach in five weeks
Japanese car manufacturer Toyota has suffered a second data breach in the space of five weeks, leading to the data of 3.1m customers being accessed through a malicious attack.
Toyota said that hackers breached its IT systems and gained access to information belonging to several of its sales subsidiaries.
"We take this situation seriously, and will thoroughly implement information security measures at dealers and the entire Toyota Group," said the company.
The nature of the stolen information is yet to be disclosed but Toyota assured its customers, along with Lexus car owners who are also affected, that customer financial information was not part of the breached data set.
Toyota has also not confirmed whether data on the hacked server has been exfiltrated by the hackers but the company has launched an investigation into the incident.
The nature of the data is still not entirely certain, but experts said that because the data relates to the company's sales arms, the data contained by these subsidiaries could lead to more targeted attacks on customers if the data was exfiltrated at all.
"Current and former owners of Toyota vehicles should be concerned about this breach," said Tim Mackey, senior technical evangelist at Synopsys. "With attackers potentially gaining access to sales records, that data provides a perfect profile from which to build a spear phishing attack."
"Moving forward, Toyota customers receiving any communication purporting to be from Toyota should take extra measures to confirm its legitimacy," he added.
"The ability to forensically analyze a data breach is equally as important as preventing it in the first place," said Simon Whitburn, global SVP of cyber security services at Nominet, in a statement sent to IT Pro.
"With so much at risk for customers, businesses cannot afford to play a guessing game about whether data was stolen. Monitoring data patterns at a DNS level is a good place to start, as packets could be analyzed and tracked from source to whatever server they were exfiltrated to."
In late February 2019, Toyota was hit by an "attempted cyber attack", according to a brief company announcement.
At the time, the company believed that no private employee or customer data was acquired through the attack and that the company's own IT department was managing the situation.
Following the news, analysts attributed the initial attack on Toyota to a group labelled 'APT32' or 'OceanLotus Group', a Vietnamese hacking outfit believed to be targeting the auto industry specifically. It's unknown whether the same group could be behind the most recent attack on the car manufacturer.
Industry: Cyber Security News
- Penetration Tester, UK based. Ability to achieve SC clearance
- United Kingdom
Experienced Penetration tester- UK based with the ability to achieve SC clearance. On-going training and development and paid certifications / renewals. Interested to hear from all areas of penetration testing, web app, infrastructure, mobile, etc. MUST have current hands on experience delivering penetration testing. Ideally from a consultancy background with experience working with multiple clients. OSCP / CREST / CHECK / Tigerscheme penetration testing experience / certifications desirable. Apply today for more details. All information kept in the strictest of confidence.
- Senior Data Privacy Specialist, London. CIPT
REF CH7875 £60,000 Senior Data Privacy Specialist, London. CIPT Senior Data Privacy Specialist needed to help advise client on project and programmes relating to Data Privacy and compliance. UK based role. Ideally looking for someone that has a strong appreciation of technology and Data Privacy that can work with clients to develop or enhance their strategies, policies, processes and techniques to manage cybersecurity risks while enabling business driven data. Certified Information Privacy Technologists (CIPT), Certified Information Privacy Professional/Europe CIPP/E experience and or certification highly desirable. Specific experience within the healthcare industry is of particular interest. All details kept in confidence Apply today for more information
- Cyber Security lead Managing Consultant, Healthcare
REF CH7874 £120,000 Cyber Security lead Managing Consultant, Healthcare, Public Sector. UK Cyber Security lead Managing Consultant with a specialisation in healthcare needed. The Cyber Security lead Managing Consultant will identify, engage with, consult and deliver key and critical cyber focused programmes and projects into healthcare clients. To be a success in the role you will be able to identify and engage with clients building pipelines of new business opportunities. A key part of your role will be to engage with new and existing clients to win new business opportunities- this role is revenue generating. Consulting experience around digital cyber transformations, Governance, Risk & Compliance, Critical National Infrastructure programmes, Managed Detection and Response etc are key. NIST, ISO27001, etc Team management, , identifying Cyber Risk, UK based, Permanent position. The ability to achieve UK security clearance is a perquisite. All details held in confidence. Apply today for more information.
- CONTRACT outside IR35 - SENIOR Security Analyst level 3.
- United Kingdom
- competitive day rates
REF CH7873 CONTRACT 3 month rolling outside ir35 SENIOR Security Analyst level 3. London ideally- but flexible SOC SIEM experience essential. Broad cyber hands on experience should include Threat hunting, Detection, Phishing, Malware etc Scope of engagement · Managing / running BAU tasks (Organising and assigning workloads to the Tier 2 analysts) · Working with the various security tools (Creating documentation to support the use of these tools) · Support Incident Management activities (Work with the incident managers when an incident is identified) · Support Incident Response activities (Recommendations and support remediation activities without completing these activities) · Be technical point of contact to the wider business on security related issues (SME within the team on security related issues) · Train the SOC Analysts (Continuity of service - knowledge transfer to the T2 analysts ) · Working with the Security Engineers on: (Use Case Development Identifying scenarios and developing the use case for the engineering team to deploy Identifying rules and alerts triggered to be fine-tuned by the engineering team) · Recommendations for dashboard creation (Working with the engineering team to identify potential dashboards to create) · Creating, maintaining and uplifting documentation (Playbooks, Process Documentation) · Drive improvement across the estate (Support Vulnerability Management activities and provide enrichment where possible) Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) Looking to interview immediately. Arrange a call https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-role- Chris.Holt@dclsearch.com