Security News > 2022 > October > Toyota dev left key to customer info on public GitHub page for five years

Toyota dev left key to customer info on public GitHub page for five years
2022-10-11 01:06

Toyota has admitted it put 296,019 email addresses and customer management numbers of folks who signed up for its T-Connect assistance website at risk of online theft by bungling its security.

Once Toyota looked at that source code, the manufacturing giant realized this public-facing code repository contained an access key to a server that stored customer data.

Toyota wants 'closed loop' EV batteries in its future cars.

Toyota plans to spend up to $2.5b expanding North Carolina EV battery factory.

Upon discovering the GitHub repo, Toyota immediately made it private.

T-Connect offers features such as smartphone based digital keys to unlock Toyota vehicles, navigation services, and remote starting.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/11/toyota_source_code_email_leak/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 13 2 45 30 19 96