
Attackers Rip 240GB of Data from Toyota

Threat actor ZeroSevenGroup exfiltrated various types of data.

Toyota has confirmed that its network was subjected to a limited compromise, following threat actor ZeroSevenGroup's exposure of 240GB of data purportedly stolen from the Japanese multinational automaker's US branch.

According to BleepingComputer, ZeroSevenGroup claimed that infiltrating the Toyota branch enabled the exfiltration not only of customer and employee data, but also of financial information, contracts, emails, and network infrastructure details, which it said were obtained using the ADRecon tool.

BleepingComputer noted that the attackers may have obtained access to a backup data server, after the exposed files were found to have been stolen or created on Christmas 2022.

Guido Grillenmeier, principal technologist at Semperis, said there is evidence in this breach that the threat actors targeted the company’s Active Directory, using a scraping tool to elevate their privileges and gather further credentials and information about the network, with the goal of extracting vast amounts of data.

“The one constant that does exist in cyber-attacks is the criminal intent of the threat actors: they are coldblooded and typically motivated by financial gain,” he said. “Unfortunately, as is the case in approximately 90 percent of cyber-attacks, identity system compromise occurs, most often Active Directory or Entra ID, which stores the crown jewels of a business by managing all permissions to a company’s data.”

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
