Auto giant Toyota Motor Corp. has confirmed a decade-long data breach, spanning from November 2013 to April 2023, via its Toyota Connected service, affecting 2.15 million customers. Due to the lack of an active detection mechanism, anyone had access to vehicle information without a password.
It turned out that some of the data managed by Toyota Connected was left open to the public due to misconfiguration in the cloud environment. Not the first instance among autos, early in 2023, researchers discovered software bugs in 16 car brands, including Mercedes-Benz, Porsche, Ford and Toyota, that allowed hackers to control vehicles remotely and access personally identifiable information.
From critical vehicle systems down to private data, efforts to protect cars against cyber threats must intensify as more digital automotive technologies are implemented.