Medusa Group publishes all Toyota FS data on the dark web

B2B Cyber ​​Security ShortNews

Share post

After the Medusa Group's successful attack and data theft on Toyota Financial Services (TFS), the group demanded $8 million to delete the data. Since Toyota didn't pay, all the data is now available on the darknet.

The attack on Toyota Financial Services Europe & Africa (TFS) took place on November 14.11.2023, XNUMX. Shortly thereafter, TFS released a notice that all networks had been shut down as a precautionary measure due to unauthorized activity on the systems.

Blackmail countdown has expired

🔎 After the countdown expired and the ransom was not paid, the Medusa Group placed the data stolen from Toyota Financial Services on the darknet (Image: B2B-CS).

Shortly after the report by TFS, the Medusa Group published a note on its leak page that Toyota Financial Services (TFS) has been successfully attacked and is now demanding a ransom of $8 millionto delete the data. The countdown has been over for some time now, but the data has now been placed on the dark web. File samples show many tables and letters in small screenshots.

Now TFS has also reacted and sent a letter to all affected customers informing them of the data loss. There TFS writes: “…we would like to inform you about an incident involving your personal data, What happened? After we, Toyota Kreditbank GmbH (“TKG”) noticed unusual activity on our network, we immediately initiated an internal investigation into the incident, which we are conducting with the support of a leading cybersecurity company. “In the course of the ongoing investigations, we have found evidence that an unauthorized party has gained access to certain TKG files...According to the current state of knowledge, this information also includes personal data relating to you.”

Informed customers about data loss

“Which personal data is affected? According to the current status of the investigation, your last name, first name, the postal code of your place of residence and possibly other contract information such as the contract amount, any dunning status and your IBAN (International Bank Account Number) are affected..."

According to various media, TFS was unable to collect any leasing or loan installments and now has some work to do. At least Toyota is also continuing the trend of not paying in the event of blackmail. More and more companies are taking this route. After all, every unpaid Bitcoin is less money for further attacks. There are now even voices in the USA that want to legally ban paying a ransom.

More at


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more