Cyber Hygiene
Security Risks From Employees Working From Home
Audits Don't Solve Security Problems
Is 'Discover, Classify, Protect' Wrong In Cybersecurity Today?
Breadth Vs. Depth: Cybersecurity Industry Has Been Focusing On The Wrong Thing
Third Party Vendors
The Rise Of DASB, Sunset Your DLP
How to Prevent Source Code Modification & Leaks
End Source Code Theft
Why Isn't DLP Preventing Data Breaches and Data Leakage?
SecureCircle Data Access Security Broker (DASB) Selected By Quanta Storage To Eliminate Insider Threats
Organizations Should Bulk Up Cybersecurity In Case Of Iranian Cyber Attack
The Evolution of Data Protection
Ransomware stealing data before encrypting
Insider Threats Infographic
Who collected 4 billion records on 1.2 billion users?
Cisco Systems - Target of Malicious Insiders
New Yorks SHIELD Act
Insider Threat at Lion Air (Update)
How to Prevent the Lion Air Databreach
CIO IT Taiwan | SecureCircle 控管檔案讀取 權不怕合作生變造成洩密
How to Prevent the Mastercard Data Breach
Capital One Hacker Breached 30 Companies Through a Single Cloud Provider
Government Organizations Are Not Ready for Cyberattacks
How to Prevent the Boeing Data Leak
End Insider Threats Without Impacting Users Or Business Workflow
Singapore Overhauling Data Protection Practices
SecureCircle available on Taiwan Government CloudMarketplace
SecureCircle placed on UK Government Framework Catalogue
The New Federal Data Strategy
SecureCircle announces United Kingdom and EMEA Distributor, Care21
Quest Diagnostics and LabCorp in Trouble
Insider Threat in the Air Force
Disruptor Daily | What trends are shaping cybersecurity in 2019?
Disruptor Daily | What is the future of cybersecurity? Experts share their insights
How to Combat the Business Email Compromise Scam
How to Prevent Government Data Breaches
Availability Bias in Cybersecurity
How to Minimize Your Exposure to Employee Mistakes
A Look Inside Toyotas Second Data Breach
Four Keys to Data-Centric Data Protection
Asymmetric Information Causes Data Breaches
SecureCircle Introduces Send Secure for Agentless Protected Data Sharing
The Financial Consequences of a Data Breach
Insider Threats Can Happen to Anyone
Federal Data Privacy Laws Are Coming
Forget Collection 1: Here comes Collections 2-5
Forbes | 10 Industries On The Cusp Of Technological Disruption
Collection 1: Not a Big Deal?
It All Adds Up: Better Cybersecurity is a Necessity in 2019
Why New Year Resolutions Fail
9 Costly Security Mistakes
Security InfoWatch | The Last Mile Security at the Edge
2019 Security Predictions(Infographic)
Security Today | Rethinking Access Control
We love what we do - 2018 Review (Infographic)
Holiday Hacks Are Not Going Away
Solving Multi-Cloud Security
A better solution than web bugs for internal visibility
Why File Encryption is not enough - A Customer Conversation
Security, Visibility, and Control
SecureCircle Introduces Enhanced Cybersecurity Offering for Cloud-First Enterprises
Healthcare Needs a Change
What is old is new: Cold Boot Attacks
Inside Information - Data that should NEVER leave the organization
CTimes | SecureCircle and Netbridge Distribution Partnership (Chinese)
SecureCircle Announces Asia Pacific Distributor, NetBridge Technologies
Insider Threats
CSO | The hidden security problem we all need to know about
Opt-Out is more than blocking SPAM
What is Opt-Out Data Centric Protection? And why is it so important
Digital Hygiene in a GDPR World
Security Info Watch | Enterprises Beware: Cybersecurity Challenges in the Cloud
GDPR Readiness (Infographic)
The Lost Laptop
Strategic Finance | Security in a World of Zero Trust
Reading Between the Lines - The Real Impact of Insider Threat (Infographic)
Protecting Internal Data
Press & News Embargos
CSO | GDPR: Where are we now?
SecureCircle @ CIAB FEBRABAN, Sao Paulo Brazil - The Recap
California Consumer Privacy (The next generation of GDPR)
I am safe. My data is encrypted. Right?
University of Texas MD Anderson Cancer Center ordered to pay $4.3 million in HIPAA violations
Is my Air Gapped Computer Safe?
The Broken 80/20 Rule
SecureCircle and Fiandeira Tecnologia Showcase Unstructured Data Solution at CIAB FEBRABAN
SecureCircle will be exhibiting at CIAB Sao Paulo Brazil June 2018
Throw Tech Away - The Rise of a New Generation of Data Security
GDPR Compliance Tips: The Top Experts Speak
Are you ready for a password-less world?
CSO | The Impact of Human Behavior on Security
Account compromised? What about your file content?
Age old discussion: Convenience versus Security
SDxCentral | Four Security Myths You Need to Shake
Security Today | Digital Security in a Zero Trust World
MegaMinds AIthority Interview with Jeff Capone
2018 Govies Awards
Data Protection needs to be agnostic like Switzerland

A Look Inside Toyotas Second Data Breach

Written by 
April 3, 2019
March 31, 2020

Toyota just suffered its second data breach in just over a month with about 3 million customers having their data exposed. Luckily the breach seems to only contain information such as names and occupations, but after more investigation it could very well prove to be more potent. In an official statement, Toyota showed that it does not know if this data was actually leaked or not. This could prove to be very bad for the company and their customers. When you lose sight of your data, it becomes very hard to figure out where it went and who has control of it. In events like these, there could very well be additional leaked information that the company didn’t think to look at. Toyota should first perform an internal audit of where their data currently resides and who has access to it. They should then figure out how to prevent future breaches from happening by identifying their weak points. One data breach doesn’t mean that they should give up.

This breach is believed to have been a targeted attack by a hackers affiliated with the Vietnamese government. They go by the name APT32, or OceanLotus in some circles. This sophisticated group of threat actors employs various techniques that generally allow them to have their way with their victims. It is not currently known how they breached Toyota’s network but it’s hypothesized that they used information gained from a previous cyberattack on Toyota’s Australian branch as a stepping stone for this attack. The two attacks on Toyota happened about five weeks apart, which gave the attackers enough time to get a feel for Toyota’s security measures. Companies obviously do not want this to happen but it will continue to happen as long as there are not sufficient data protection measures in place. Although Toyota had their network breached, they didn’t have to lose any data. It wouldn’t even be at risk if they properly encrypted it in the first place. If hackers gain access to files that are unreadable, there’s nothing for them to look at other than error messages. This can be achieved by implementing SecureCircle within an organization.

Most data these days live under some sort of protection that does not safeguard against all threats. The solutions used tend to focus on protecting your perimeter, or virus detection. The real problem lies in the fact that there is no perimeter anymore. Data no longer resides in just your organization. It leaves it to live in Google Drive, Dropbox, or any other third party service. It is shared with other businesses to collaborate and conduct operations. There are a never ending number of places that your data could wind up in today’s business environment, so you have to start by keeping track of where everything is. SecureCircle provides detailed logs of where your files reside, who opens them, and where they are headed next. This is a key part of protecting your business. It allows you to see potential problem areas and provides the added benefit of keeping detailed records for auditors. If Toyota had complete visibility of their data then they would be able to know for sure if it had been compromised.

In addition to added visibility, Toyota would be able to enjoy encryption for all their sensitive data. Files are protected by default under SecureCircle’s opt-out methodology, making it harder for user error to occur. Too many services now employ the opposite, leaving it up to the user to decide which files to protect. This leads to the downfall of an organization’s security because all humans make mistakes. SecureCircle takes a proactive approach to data security and ensures that your organization’s data remains safe. Visit us at for more information.

Prevent Data Breaches

Let’s discuss your unique cybersecurity challenges and needs.

Contact Us

If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.