In a recent announcement, Toyota revealed that its popular online service, the cloud-based Connected service, experienced a data breach spanning a decade, exposing information on more than 2 million vehicles. The breach, which occurred from January 2012 to April 2023, impacted all Japan-based vehicles utilizing the Connected service.
The Connected service, designed to assist vehicle owners with emergencies, maintenance checks, and entertainment streaming, provides valuable features such as crash assistance and stolen vehicle tracking. While there have been no reported issues stemming from the breach, the compromised data includes sensitive information such as the vehicle identification number, location, time, and video footage captured by the vehicle’s “drive recorder” within Japan.
Toyota’s subsidiary in Japan manages the Connected service and oversees its database. According to Toyota spokesperson Hideaki Homma, the ease of unauthorized external access to the company’s data went unnoticed until now. “We are so sorry to have caused such trouble to all the people,” expressed Homma, acknowledging the impact and inconvenience caused by the breach.
The disclosure of this major issue has left Japan’s leading automaker, renowned for its commitment to quality and attention to detail, in a state of embarrassment. Homma assured the public that the system problem has been rectified, allowing Connect-enabled vehicles to continue operating without requiring any repairs.
While Toyota has taken steps to address the breach, this incident serves as a reminder of the increasing risks associated with digital services and the importance of robust security measures to safeguard sensitive information. Customers and vehicle owners are advised to remain vigilant and monitor any communications from Toyota regarding the breach.