The Japanese vehicle manufacturer, Toyota, has admitted that customers of its cloud service platforms have had their data leaked, Reuters has reported. Staggeringly, the data has been public-facing for about a decade due to human error at the company. If you use Toyota’s T-Link service or Lexus’ G-Link, then your data may have been exposed.
The company blamed a lack of active detection mechanisms to alert the company that the data had inadvertently been made public. It’s not clear what data was exposed but Reuters suggests that vehicle locations and vehicle identification numbers could have been included. The data was viewable by the public between November 2013 and April 2023 but no malicious use of the data has been reported.
Japan’s Personal Infomation Protection Commission has been notified about the problem but has not commented on the matter. It’s unclear if or what punishments it could mete out to Toyota but the company could be fined and be asked to prevent things like this from happening in the future.
Thankfully, customers of Toyota that are now concerned about any more data being leaked can take a bit of comfort in the knowledge that the company is investigating all its cloud environments. This investigation should detect any more public-facing data, if there is any.