More than 2 million Toyota users face risk of vehicle data leak in Japan
Send a link to a friend
 [May 12, 2023] By
Daniel Leussink and Kantaro Komiya
TOKYO (Reuters) -Toyota Motor Corp said on Friday the vehicle data of
2.15 million users in Japan, or almost the entire customer base who
signed up for its main cloud service platforms since 2012, had been
publicly available for a decade due to human error.
The incident, which also affected customers of its luxury brand Lexus,
comes as the world's biggest automaker by sales makes a push into
vehicle connectivity and cloud-based data management which are seen as
crucial to offering autonomous driving and other artificial
intelligence-backed features.
The issue, which began in November 2013 and lasted until mid-April,
stemmed from human error, leading to a cloud system being set to public
instead of private, a Toyota spokesperson said. It could encompass
details such as vehicle locations and identification numbers of vehicle
devices, but there were no reports of malicious use, the company said.
"There was a lack of active detection mechanisms, and activities to
detect the presence or absence of things that became public," the
spokesperson said in response to why it took time to realise there had
been an error.
Toyota said it would introduce a system to audit cloud settings,
establish a system to continuously monitor settings, and thoroughly
educate employees on data handling rules.
Affected customers included those who signed up for the T-Connect
service that provides a wide range of services including AI
voice-enabled driving assistance, auto connection to call centres for
vehicle management, and emergency support in such cases as a traffic
accident or sudden illness.
[to top of second column] |
A Toyota logo is seen during the New
York International Auto Show, in Manhattan, New York City, U.S.,
April 5, 2023. REUTERS/David 'Dee' Delgado
Also affected were users of G-Link, a similar service for owners of
Lexus vehicles.
Japan's Personal Information Protection Commission has been informed
about the incident, one of its officials said, but declined to
provide further details, in line with its practice of not commenting
on individual incidents.
Toyota said steps to block outside access to the data were taken
after the issue was discovered and an investigation into all cloud
environments managed by Toyota Connected Corp was being carried out.
Large leaks of personal data occasionally happen in Japan. In March,
mobile carrier NTT DoCoMo said data of up to 5.29 million customers
may have leaked via a company to which it outsourced work.
The incident adds to a raft of challenges facing Koji Sato who took
over as Toyota CEO on April 1 from Akio Toyoda, grandson of the
company's founder.
Since he took office, Toyota has admitted safety test problems at
its affiliate Daihatsu and received a shareholder proposal from a
trio of European asset managers to improve disclosure of its
lobbying on climate change.
(Reporting by Daniel Leussink and Kantaro Komiya; Editing by Miyoung
Kim and Mark Potter)
[© 2023 Thomson Reuters. All rights
reserved.]
This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
