Security News
Toyota's Global Supplier Preparation Information Management System was breached by a security researcher who responsibly reported the issue to the company. The issues were responsibly disclosed to Toyota on November 3, 2022, and the Japanese car maker confirmed they had been fixed by November 23, 2022.
Toyota has admitted it put 296,019 email addresses and customer management numbers of folks who signed up for its T-Connect assistance website at risk of online theft by bungling its security. Once Toyota looked at that source code, the manufacturing giant realized this public-facing code repository contained an access key to a server that stored customer data.
Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years. Toyota discovered recently that a portion of the T-Connect site source code was mistakenly published on GitHub and contained an access key to the data server that stored customer email addresses and management numbers.
On Friday, Bridgestone Corp. admitted that a subsidiary experienced a ransomware attack in February, prompting it to shut down the computer network and production at its factories in North and Middle America for about a week, said Reuters. Manufacturers like Toyota, already hampered by supply chain shortages, are proving to be particularly attractive targets for ransomware groups.
Toyota has closed all 14 plants it operates in Japan due to what it has described as a "System failure" at Kojima Industries Corporation - and local media report the cause of the failure is a cyberattack. Kojima Industries' is a Toyota subsidiary that manufacturers interior and exterior car parts and participates in Toyota's just-in-time supply chains.
Toyota doesn't know how long the 14 plants will be unplugged. Reuters reported that within hours of Japan having joined Western allies in blocking some Russian banks from accessing the SWIFT international payment system and committing to giving Ukraine $100 million in emergency aid, a spokesperson at Toyota supplier Kojima Industries Corp. said that it had apparently been hit by "Some kind of cyber attack."
Giant Japanese automaker Toyota Motors has announced that it stopped car production operations. Toyota said today that the incident caused it to decide to suspend the operation of 28 production lines in 14 plants in Japan, starting tomorrow, Tuesday, March 1, 2022.
American businesses that receive payments in cryptocurrencies worth $10,000 or more will have to report those transactions to the Internal Revenue Service, the United States' Treasury mentioned on Thursday. This simply puts crypto-coins on the same footing as cash: the IRS says "Federal law requires a person to report cash transactions of more than $10,000," we note.
Vulnerabilities in Lexus and Toyota cars could be exploited by hackers to launch remote attacks against affected vehicles, researchers at China-based Tencent Keen Security Lab discovered. Research into the AVN system in the 2017 Lexus NX300 - the same system is also used in other models, including LS and ES series - has revealed security issues with the Bluetooth and vehicular diagnosis functions on the car.
Security teams' jobs continue to get exceedingly difficult, but they're still spending time trying to figure out where things are and what they are.Security teams' jobs continue to get exceedingly...