Toyota Ransomware Attack Compromised Personal Data

A ransomware attack against Toyota Financial Services (TFS) reported earlier this month is ongoing, with the German branch of the company announcing it had detected “unauthorized activity” on systems.

Toyota Kreditbank GmbH in Germany confirmed it was one of the impacted divisions.

“Due to an attack on the systems, unauthorized persons gained access to personal data,” the statement read. “Affected customers have now been informed. Toyota Kreditbank's systems have been gradually restarted since Dec. 1.

“We regret any inconvenience this may have caused to customers and business partners.”

The company first announced it had identified unauthorized access on its systems in Europe and Africa in November, following a claim from ransomware group Medusa that it had gained access to TFS’ systems.

The group gave the company 10 days to pay an $8 million ransom.

Now, German news outlet Heise said it received copies of letters sent to German customers informing them their data had been compromised, including their name, address, IBAN and contact details.

A Google translation of the letter reads: “According to the current status of the investigation, your last name, first name, the postcode of your place of residence and possibly other contact information… are affected.”

Related:Staples Cyberattack Disrupts Online Orders

Details on the full scope and nature of the attack have not been confirmed by TFS.