Cyber security is no easy task, regardless of whether you are an individual or a business owner.
On the internet, an individual is at just as much risk from a cyber attack as a business. However, when businesses experience weakness or failure in their Cyber Security, this can lead to much more public consequences, such as a data breach.
Not only is this disastrous for a business’s reputation with its customers, but it can also lead up to hefty fines for violating the GDPR Act of 2018.
This is why we personally recommend that every business has their Cyber security monitored, either in-house, or through external providers like us.
In this blog, we’re taking a look at an example of just how a Cyber Security failure like a data breach can affect a business and its customers. Specifically, Toyota’s decade-long data leak.
The Decade-Long Data Leak
Toyota Motor Corp acknowledged on the 12th of May, 2023, that the vehicle data of approximately 2.15 million users were publicly accessible in Japan for nearly a decade, from November 2013 to mid-April 2023.
Reuters first reported the news, specifying that according to Toyota spokesperson Hideaki Homma, the issue with Toyota’s cloud-based Connected service affects only vehicles in Japan. The service provides vehicle owners with maintenance reminders, entertainment streaming and emergency assistance.
While no reports of issues resulting from the breach have surfaced, the compromised data includes vehicle identification numbers, location history and video footage captured by the vehicle’s drive recorder.
This announcement came months after Toyota warned that nearly 300,000 customers may have had their personal data leaked after an access key was publicly available on GitHub for almost five years.
The Consequences Of This Data Leak
Regardless of just how many people had their information leaked for almost a decade, Toyota claimed this information cannot be used to identify individual owners. Still, approximately 2.15 million users of services like G-Link, G-Book and Connected have been affected.
A few days ago, Toyota confirmed it has now fixed the system issue and assures customers that their Connect-enabled vehicles are safe to drive without requiring repairs.
“Toyota is the latest victim of human error and the huge risks it poses for organizations,” commented Camellia Chan, CEO and founder of security software firm X-Phy.
Why did this happen?
A Toyota spokesperson commented that ‘there was a lack of active detection mechanisms’ to identify the mistake, so the data was exposed for almost a decade.”
We’ve seen this before when NoSQL data storage has led to numerous incidents of exposed data on platforms, such as Amazon S3, Elastic Search and MongoDB.
Conclusion
An overall conclusion to this blog is that anyone can be a target on the internet, regardless of how big or small the target is Cyber threats are indiscriminate.
This is why we can’t emphasise enough how important it is for you to stay on top of your Cyber Security, with either training or monitoring technologies.
We hope you’ve enjoyed this interesting blog on the latest IT-related news. Be sure to watch out for new or future weekly blog releases, which cover almost everything from more IT News to our own Knowledgebase articles. Thanks for reading!
