Toyota recovering from cyberattack on its financial services division

Jason Macuray
Toyota is bringing some services in its European and African financial services department back online after discovering a cyberattack.

Toyota is bringing some services in its European and African financial services department back online after discovering a cyberattack.

A spokesperson for the car maker directed Recorded Future News to a statement the company published about the incident following claims made by a notorious ransomware gang.

“Toyota Financial Services Europe & Africa recently identified unauthorized activity on systems in a limited number of its locations. We took certain systems offline to investigate this activity and to reduce risk, and have also begun working with law enforcement. In most countries, we have started bringing our systems back online,” the company said.

“We are working diligently to get systems back online as soon as possible and we regret any inconvenience caused to our customers and business partners. As of now, this incident is limited to Toyota Financial Services Europe & Africa.”

Cybersecurity expert Kevin Beaumont noted that Toyota systems accessible through the internet are vulnerable to the “Citrix Bleed” vulnerability that has affected dozens of large companies and governments since it was announced late last month.

The carmaker has dealt with several cybersecurity incidents over the last three years, including a wide-ranging incident announced in May where information on more than 2 million vehicles in Japan was exposed for more than a decade.

Toyota dealt with another breach in April and had to resolve a separate security issue that allowed for widespread access to a platform used by employees to coordinate operations.

The company’s statement came hours after the Medusa ransomware gang claimed to have stolen data from Toyota Financial Services. The group gave the company 10 days to pay a $8 million ransom.

Medusa drew headlines earlier this week for an attack on a technology company created by two of Canada’s largest banks.

The Medusa gang has been behind several high-profile attacks in 2023, including incidents that affected an Italian company that provides drinking water to nearly half a million people, one of the largest school districts in Minnesota, the French town of Sartrouville, Tonga’s state-owned telecommunications company and most recently the government organization that manages the universal healthcare system of the Philippines.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Customs and Border Protection acquired ‘huge amount of surveillance power’

Next Post

MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC

Related Posts

493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar

In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren't just numbers; they're a wake-up call. We're
Read More