Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack.
Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers.
Last month, the company confirmed that it detected
unauthorized access on some of its systems in Europe and Africa, following a claim from Medusa ransomware about successfully compromising the Japanese automaker's division.
The threat actors demanded a payment of $8,000,000 to delete the stolen data and gave Toyota 10 days to respond to their blackmail.
At the time, a Toyota spokesperson told BleepingComputer that the company had detected unauthorized access on some of its systems in Europe and Africa. The company took certain systems offline to contain the breach, which impacted customer services.
Presumably, Toyota has not negotiated a ransom payment with the cybercriminals, and currently, all data has been leaked on Medusa's extortion portal on the dark web.
