10
Toyota admits to yet another cloud leak (www.theregister.com)
submitted 1 year ago by 0xCBE@infosec.pub to c/cloudsecurity@infosec.pub
2 comments fedilink hide all child comments

"Toyota said it had no evidence the data had been misused, and that it discovered the misconfigured cloud system while performing a wider investigation of Toyota Connected Corporation's (TC) cloud systems.

TC was also the site of two previous Toyota cloud security failures: one identified in September 2022, and another in mid-May of 2023.

As was the case with the previous two cloud exposures, this latest misconfiguration was only discovered years after the fact. Toyota admitted in this instance that records for around 260,000 domestic Japanese service incidents had been exposed to the web since 2015. The data lately exposed was innocuous if you believe Toyota – just vehicle device IDs and some map data update files were included. "

top 2 comments
sorted by: hot top controversial new old
[-] Captain@infosec.pub 3 points 1 year ago

They say it's cloud breach by I didn't see what kind of cloud breach. Did I just miss it or was it not mentioned?

[-] 0xCBE@infosec.pub 2 points 1 year ago

This is the official statement I think: https://global.toyota/jp/newsroom/corporate/39174380.html but it's light on details (I think, I google translated)

From reading around it looks like it was either a compute instance or a database exposed by mistake, nothing sophisticated.

this post was submitted on 16 Jun 2023
10 points (100.0% liked)

Cloud Security

693 readers
1 users here now

Preventing storms.

Rules

  1. Be excellent to each other!
  2. Use the article title as the submission title. Do not editorialize the title or add your own commentary to the article title.
  3. No vendor spam. Zero tolerance for content marketing.

founded 1 year ago
MODERATORS
0xCBE@infosec.pub