After the Medusa Group successfully attacked Toyota Financial Services (TFS) and stole data, the group demanded $8 million to delete the data. Since Toyota didn't pay, all the data is now available on the darknet.
The attack on Toyota Financial Services Europe & Africa (TFS) took place on November 14, 2023. Shortly thereafter, TFS released a notice that all networks had been shut down as a precautionary measure due to unauthorized activity on the systems.
Blackmail countdown has expired
Shortly after the report by TFS, the Medusa Group published a note on its leak page stating that Toyota Financial Services (TFS) had been successfully attacked and that the group was demanding a ransom of $8 million to delete the data. The countdown expired some time ago, and the data has now been placed on the dark web. File samples show many tables and letters in small screenshots.
Now TFS has also reacted and sent all affected customers a letter informing them of the data loss. In it, TFS writes: "...we would like to inform you about an incident that affects your personal data. What happened? After we, Toyota Kreditbank GmbH ("TKG"), noticed unusual activity on our network, we immediately initiated an internal investigation into the incident, which we are conducting with the support of a leading cybersecurity company. In the course of the ongoing investigations, we have found indications that an unauthorized party has gained access to certain TKG files...According to our current knowledge, this information also includes personal data that concerns you."
Informed customers about data loss
"Which personal data is affected? According to the current status of the investigation, your surname, first name, the postcode of your place of residence and possibly other contract information such as contract amount, possible dunning status and your IBAN (International Bank Account Number) are affected..."
According to various media, TFS was unable to collect any leasing or loan installments and now has some work to do. At least Toyota is also continuing the trend of not paying in the event of blackmail. More and more companies are taking this route. After all, every unpaid Bitcoin is less money for further attacks. There are now even voices in the USA that want to legally ban paying a ransom.
More at Toyota.eu