[Security News] Toyota Exposes Location Data of 2.15 Million Vehicles for a Decade


May 2023


1. Toyota exposes location data of 2.15 million vehicles for a decade

Toyota confirmed on May 12 that a security misconfiguration had exposed the ID and location data of 2.15 million Japanese vehicles. The database was left publicly accessible for nearly a decade, between November 2013 and April 2023.

The database was managed by Toyota Connected Corporation and handled data collected by Toyota’s “Connected” service in Japan, a cloud-based platform providing a range of internet-based services. The exposed data included in-vehicle GPS terminal IDs, Vehicle Identification Numbers (VIN), time-series data of vehicle location, and some recorded footage of pre-built drive recorders.

Although the exposed data does not contain personally identifiable information (PII), it makes it possible for a malicious actor to find out the VIN for a targeted vehicle and obtain its location history.

With more and more over-the-air features, vehicles today are highly connected and can be vulnerable to targeted cyberattacks, making it crucial for automotive manufacturers and suppliers to upgrade their data security policies and measures.

Sources: Reuters, BankInfoSecurity


2. 5.8 million PharMerica patient records stolen by Money Message ransomware gang

PharMerica, a Fortune 1000 long-term care pharmacy solution provider, disclosed on May 12 that it had suffered a cyberattack that compromised the personal information of 5,815,581 patients. The provider operates over 180 facilities in all 50 states.

The attack was said to have taken place on March 14, with follow-up investigations showing that the threat actors stayed in the company’s systems for two days and exfiltrated patient records. These contained patient names, contact information, Social Security Numbers, health insurance information, and prescription details.

The Money Message ransomware gang claimed responsibility for the attack by posting these data on its leak site in April. An emerging threat, the ransomware group became active in early 2023 and became widely known for attacking Taiwanese PC supplier MCI in April.

Sources: SC Media, Bleeping Computer


3. Newly discovered “Migraine” vulnerability allows bypass of macOS security

Security researchers at Microsoft discovered a new vulnerability in macOS. Dubbed “Migraine”, the vulnerability (CVE-2023-32369) allows users with root access to bypass System Integrity Protection (SIP) and perform arbitrary operations on a Mac device.

SIP is a security measure in macOS that blocks a root user from performing operations that may compromise a Mac device’s integrity, restricting their access to sensitive system files and directories. Bypassing SIP could thus enable attackers to install rootkits and create persistent malware, establishing an environment for further intrusion.

The vulnerability was reported by Microsoft to Apple and later patched on May 18.

Sources: SC Media, Infosecurity

