Security Advisory: Toyota Confirms Ransomware Attack, Data Breach

RGSA 11-20-23-01

Date: November 20, 2023

Introduction

Toyota Finance Services (TFS), a subsidiary of the well-known automaker, has confirmed that they were hit with a ransomware attack. TFS detected unauthorized access to some of its systems in Africa and Europe after cybercriminals claimed an attack on the company. The cybercriminals, also known as the Medusa ransomware gang, claims responsibility for the attack.

Summary Of the Incident

The Medusa ransomware gang had listed ‘Toyota Financial Services’ to its data leak site on the dark web and demanded a ransom payment of $8,000,000 to delete allegedly stolen data. The cybercriminals published sample data that included financial documents, hashed account passwords, passport scans, etc. to prove the intrusion. As of right now, the incident is limited to Toyota Financial Services Africa & Europe. A spokesperson announced that the process of bringing their systems back online is already underway.

How to Stay Safe

Reset All Passwords – If you are reusing passwords across different websites, reset those passwords and employ hard-to-guess, complex passwords on those websites.
Password Manager – To keep track of your complicated passwords, think about investing in a password manager. Password managers, like 1Password, place a secret key on your password manager to add a unique extra layer of security.

A man reading a security advisory on a tablet

How Richter Guardian can help you

Richter Guardian can help you determine if some of your user accounts were involved in a previous breach:

Our platform can determine compromised credentials through comprehensive dark web monitoring.

Call us or send us an email at: +1 844-908-3950 and support@richterguardian.com if you are unsure about a situation.