Straitstimes.com header logo

Toyota says some customers in Asia, Oceania face risk of data leak

Sign up now: Get ST's newsletters delivered to your inbox

Information that may have been accessible externally included names, vehicle identification and registration numbers.

Toyota did not say how many customers were affected by the incident and in which countries they are located exactly.

PHOTO: REUTERS

Follow topic:

TOKYO - Toyota Motor Corp said on Wednesday that information on customers in some countries in Oceania and Asia, excluding Japan, may have been left publicly accessible from October 2016 to May 2023.

Customer information that may have been accessible externally included names, addresses, phone numbers, e-mail addresses, as well as vehicle identification and registration numbers, the company said.

The incident follows its announcement in May that the

vehicle data of 2.15 million users in Japan,

or almost the entire customer base who had signed up for its main cloud service platforms since 2012, had been publicly available for a decade because of human error.

The world’s largest automaker by sales said the latest issue was discovered when it launched a broad investigation into cloud environments managed by Toyota Connected Corp following the earlier incident.

“As we believe that this incident also was caused by insufficient dissemination and enforcement of data-handling rules... we have implemented a system to monitor cloud configurations,” Toyota said.

The issue arose because of a setting error in the cloud environment where the automaker stored customer data collected by overseas dealers for handling and managing maintenance inspections of vehicles.

Toyota is investigating the issue based on the laws and regulations of each country, said a company spokesman.

Toyota did not say how many customers may have been affected by the incident, which countries they are in exactly, and whether customers of its luxury Lexus brand were affected.

Through Connected, which is majority owned by the automaker, Toyota offers individual and business customers mobility solutions, such as a smart-key function, a 24-hour operator, and location-based route guidance and traffic congestion information services.

Only part of customers’ information may have been externally accessible, the company said.

Toyota said it had investigated whether there were any third-party copies or use of its customer data and found no evidence of such use, adding that vehicle location and credit card information were not included in the incident.

It said customer information “may have been potentially accessible externally” but did not elaborate on how the information could have been accessed.

The company had uncovered the incident announced in May by chance, during inspections that started on April 7, the spokesman said. REUTERS

More on this topic
Toyota says more than 2 million face risk in vehicle data leak in Japan
Toyota delivers 22% profit jump in Q3 2022 despite supply chain challenges
See more on

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Privacy Policy

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 046/10/2025. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2025 SPH Media Limited. All rights reserved.