On May 12, Toyota Motor Corporation (TMC) announced “Apology and Notice Concerning Potential Data Leakage of of Customer Information Due to Misconfiguration of Cloud Environment (Japanese only)” Subsequently, we conducted an investigation for all cloud environments managed by TOYOTA Connected Corporation (TC). It was further discovered that a part of the data containing customer information had been potentially accessible externally. We would like to inform you of the incident that has been identified as of today.
As we believe that this incident also was caused by insufficient dissemination and enforcement of data handling rules, since our last announcement, we have implemented a system to monitor cloud configurations. Currently, the system is in operation to check the settings of all cloud environments and to monitor the settings on an ongoing basis. In addition, we will work closely again with TC to explain and thoroughly enforce the rules for data handling. We will also work to prevent a recurrence by thoroughly educating our employees once again. We sincerely apologize to our customers and all relevant parties for any concern and inconvenience this may have caused.
We have also investigated whether, with this incident, there was any secondary use or if third-party copies remain on the Internet, and no evidence of such has been found. At present, we have not confirmed any secondary damage. (Vehicle location, credit card information, etc., are not included in this incident)
The incidents are as follows.