On Wednesday, Toyota Motor Corp said that a misconfiguration in its cloud environment may have exposed customer information in some countries in Asia (excluding Japan) and Oceania between October 2016 and May 2023. The customer information that may have been accessed externally included names, addresses, phone numbers, email addresses, vehicle identification numbers, and registration numbers, the company said.
The incident came earlier this month when vehicle data for nearly the entire customer base of 2.15 million Japanese users registered with a major cloud service platform since 2012 was exposed for 10 years due to human error. Following the announcement. Toyota said the issue was discovered after the company launched a full investigation into previous incidents. “Because we believe that this incident was also caused by insufficient dissemination and enforcement of data processing regulations. “We put in place a system to monitor the configuration of the cloud,” Toyota said. The company also investigated whether there was any copying or use of customer data by third parties, but found no evidence of such use. Adding vehicle location information or credit card information was not considered in this incident.