
Toyota Financial Services discloses a data breach


Toyota Financial Services (TFS) disclosed a data breach in which threat actors had access to sensitive personal and financial data.

Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

“Due to an attack on the systems, unauthorized persons gained access to personal data. Affected customers have now been informed. Toyota Kreditbank’s systems have been gradually restarted since December 1st,” reads a statement published by the company on its website.

Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation. It is a subsidiary of Toyota and provides a range of financial services to Toyota customers and dealerships worldwide. TFS offers various financial products, including auto loans, leases, and insurance solutions. The goal of TFS is to support Toyota customers in financing their vehicles and to facilitate the purchase or lease of Toyota vehicles through flexible and tailored financial options. The services provided by Toyota Financial Services may vary by region, and customers can typically access these services through Toyota dealerships or online platforms.

German website Heise obtained the data breach notification sent by Toyota to German customers. The company told them that threat actors gained access to full names, residence addresses, contract information, lease-purchase details, and IBAN (International Bank Account Number).


Toyota Financial Services warns its German customers to remain vigilant and contact their bank to take additional security precautions. They should monitor for unusual activity and obtain a current credit report from Schufa.

Toyota also notified the data protection officer for North Rhine-Westphalia about the security breach.

On November 17, 2023, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company did not pay the ransom.

The ransomware gang initially demanded a payment of $8,000,000 to delete data allegedly stolen from the company, and they offered the option to extend the deadline for an additional $10,000 per day.

Medusa set the deadline for November 26 and published a sample of the stolen data as proof of the hack.

The leaked sample data includes financial documents, invoices, hashed account passwords, passport scans, and more. The documents are in German, which suggests that they were stolen from company systems located in Germany.

The popular cyber security expert Kevin Beaumont first noticed that the company office in Germany had a vulnerable Citrix Gateway exposed online. Threat actors likely exploited the Citrix Bleed vulnerability to gain initial access to the company’s network.

The Medusa group has now published the stolen data on its Tor leak site.

Impacted customers are at risk of fraudulent activities, including identity theft and financial fraud.


Pierluigi Paganini

(SecurityAffairs – hacking, TFS)