Toyota recovering from cyberattack on its financial services division

Jason Macuray
Toyota is bringing some services in its European and African financial services department back online after discovering a cyberattack.

Toyota is bringing some services in its European and African financial services department back online after discovering a cyberattack.

A spokesperson for the car maker directed Recorded Future News to a statement the company published about the incident following claims made by a notorious ransomware gang.

“Toyota Financial Services Europe & Africa recently identified unauthorized activity on systems in a limited number of its locations. We took certain systems offline to investigate this activity and to reduce risk, and have also begun working with law enforcement. In most countries, we have started bringing our systems back online,” the company said.

“We are working diligently to get systems back online as soon as possible and we regret any inconvenience caused to our customers and business partners. As of now, this incident is limited to Toyota Financial Services Europe & Africa.”

Cybersecurity expert Kevin Beaumont noted that Toyota systems accessible through the internet are vulnerable to the “Citrix Bleed” vulnerability that has affected dozens of large companies and governments since it was announced late last month.

The carmaker has dealt with several cybersecurity incidents over the last three years, including a wide-ranging incident announced in May where information on more than 2 million vehicles in Japan was exposed for more than a decade.

Toyota dealt with another breach in April and had to resolve a separate security issue that allowed for widespread access to a platform used by employees to coordinate operations.

The company’s statement came hours after the Medusa ransomware gang claimed to have stolen data from Toyota Financial Services. The group gave the company 10 days to pay a $8 million ransom.

Medusa drew headlines earlier this week for an attack on a technology company created by two of Canada’s largest banks.

The Medusa gang has been behind several high-profile attacks in 2023, including incidents that affected an Italian company that provides drinking water to nearly half a million people, one of the largest school districts in Minnesota, the French town of Sartrouville, Tonga’s state-owned telecommunications company and most recently the government organization that manages the universal healthcare system of the Philippines.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Customs and Border Protection acquired ‘huge amount of surveillance power’

Next Post

MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC

Related Posts

The Secrets of Hidden AI Training on Your Data

While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing's research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration and communication to work management and
Read More

New APT Group “CloudSorcerer” Targets Russian Government Entities

A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed
Read More