Toyota: Data on more than 2 million vehicles in Japan were at risk in decade-long breach

data breach in Toyota’s much-touted online service put some information on more than 2 million vehicles at risk,

No matter whether private sector or public sector in Japan, when it comes to IT they show same level of competence.

https://japantoday.com/category/national/7-300-health-insurance-entries-erroneously-linked-to-my-number-ids

Better stick to paper and faxes.

Almost every two months there are cybersecurity data leaks and breaches being reported about Toyota or its suppliers.

It’s actually a shame. Maybe Toyota should leave those „new“ stuff aside and focus on mechanical vehicles with combustion engines.

the data at risk includes: the vehicle identification number, which is separate from the license plate; the location of the vehicle and at what time it was there; and video footage taken by the vehicle, known as the “drive recorder” in Japan.

Ok, so a hacker knows where the car is parked every night. What do they mean by "the owner is not identified"?

They know everywhere the car has been. That sought of information management should never be outsourced,. Toyota. Get with the 21st century!

More digital incompetence, any wonder they're having hard time accepting the new global EV reality?!

Welcome to 15-minute cities. Welcome to the matrix. Welcome to digital prison. Your freedom to drive will be hinged on your social credit score - low score, no driving. Add the digital ID that will serve as a wallet for the CBDC or digital money. Don’t forget the Covid vax passport and what you have is a nightmare for individual liberties and freedom.

2.15 million people, can you believe it. Most annoying part of lol these security flaws is the fact that ni I’d y ever seems to get into any trouble for them.

Somehow this is not getting a lot of attention even when it is a very serious problem, either the Japanese population is too used to digital incompetence or the public is not aware of how dangerous is to have this data leaked, both things are dangerous and sad.

Such information cannot be used to identify individual owners, according to Toyota Motor Corp.

I wonder how many Toyota and Lexus vehicles were stolen using this data?

Personal identifying information isn't necessary for that.

2.15 million people, can you believe it. Most annoying part of lol these security flaws is the fact that ni I’d y ever seems to get into any trouble for them.

Nobody is going to be willing to write software for anything if they have to worry that an honest mistake is going to get them sued or worse thrown in jail. Nobody deliberately writes weaknesses into their code. There are bad actors out there who devote all of their time to finding and exploiting weaknesses but they are not dumb and don't make it easy to discover who they are. Governments prosecute these bad actors when they can be identified but sometimes that takes a while. And as soon as a government takes down a malware another pops up. Here is an example, Cyclops Blink, that replaced another Russian malware called VPNFilter. Both came from a state hacking group called Sandworm.

https://arstechnica.com/information-technology/2022/04/fbi-accesses-us-servers-to-dismantle-botnet-malware-installed-by-russian-spies/

https://mytechdecisions.com/it-infrastructure/fbi-takes-down-russian-gru-sandworm-botnet-what-you-need-to-know/

Note however there is opposition among business interest in allowing the FBI or any other law enforcement agency to remotely access their systems without permission and remove software, even when said software is malware controlled by a foreign military.

Japan needs more cyber security specialists-for sure!