A Look Inside Toyotas Second Data Breach
April 3, 2019
March 31, 2020
Toyota just suffered its second data breach in just over a month with about 3 million customers having their data exposed. Luckily the breach seems to only contain information such as names and occupations, but after more investigation it could very well prove to be more potent. In an official statement, Toyota showed that it does not know if this data was actually leaked or not. This could prove to be very bad for the company and their customers. When you lose sight of your data, it becomes very hard to figure out where it went and who has control of it. In events like these, there could very well be additional leaked information that the company didn’t think to look at. Toyota should first perform an internal audit of where their data currently resides and who has access to it. They should then figure out how to prevent future breaches from happening by identifying their weak points. One data breach doesn’t mean that they should give up.
This breach is believed to have been a targeted attack by a hackers affiliated with the Vietnamese government. They go by the name APT32, or OceanLotus in some circles. This sophisticated group of threat actors employs various techniques that generally allow them to have their way with their victims. It is not currently known how they breached Toyota’s network but it’s hypothesized that they used information gained from a previous cyberattack on Toyota’s Australian branch as a stepping stone for this attack. The two attacks on Toyota happened about five weeks apart, which gave the attackers enough time to get a feel for Toyota’s security measures. Companies obviously do not want this to happen but it will continue to happen as long as there are not sufficient data protection measures in place. Although Toyota had their network breached, they didn’t have to lose any data. It wouldn’t even be at risk if they properly encrypted it in the first place. If hackers gain access to files that are unreadable, there’s nothing for them to look at other than error messages. This can be achieved by implementing SecureCircle within an organization.
Most data these days live under some sort of protection that does not safeguard against all threats. The solutions used tend to focus on protecting your perimeter, or virus detection. The real problem lies in the fact that there is no perimeter anymore. Data no longer resides in just your organization. It leaves it to live in Google Drive, Dropbox, or any other third party service. It is shared with other businesses to collaborate and conduct operations. There are a never ending number of places that your data could wind up in today’s business environment, so you have to start by keeping track of where everything is. SecureCircle provides detailed logs of where your files reside, who opens them, and where they are headed next. This is a key part of protecting your business. It allows you to see potential problem areas and provides the added benefit of keeping detailed records for auditors. If Toyota had complete visibility of their data then they would be able to know for sure if it had been compromised.
In addition to added visibility, Toyota would be able to enjoy encryption for all their sensitive data. Files are protected by default under SecureCircle’s opt-out methodology, making it harder for user error to occur. Too many services now employ the opposite, leaving it up to the user to decide which files to protect. This leads to the downfall of an organization’s security because all humans make mistakes. SecureCircle takes a proactive approach to data security and ensures that your organization’s data remains safe. Visit us at http://www.securecircle.com for more information.
Prevent Data Breaches
Let’s discuss your unique cybersecurity challenges and needs.
If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.