The vehicle data of 2.15 million Toyota users in Japan had been publicly available for a decade due to human error, the carmaker said on Friday.
The issue affected almost the entire customer base who signed up for Toyota’s main cloud service platforms since 2012 and also customers of its luxury brand Lexus.
The leak stemmed from human error, after a cloud system was set to public instead of private, a Toyota Motor spokesperson said.
The issue began in November 2013 and lasted until mid-April this year, the spokesperson said. It could encompass details such as vehicle locations and identification numbers of vehicle devices, but there were no reports of malicious use, the company said.
“There was a lack of active detection mechanisms, and activities to detect the presence or absence of things that became public,” the spokesperson said in response to why it took time to realise there had been an error.
Toyota said it would introduce a system to audit cloud settings, establish a system to continuously monitor settings, and thoroughly educate employees on data handling rules.
Affected customers included those who signed up for the T-Connect service that provides a wide range of services including AI voice-enabled driving assistance, auto connection to call centres for vehicle management, and emergency support in such cases as a traffic accident or sudden illness.
Also affected were users of G-Link, a similar service for owners of Lexus vehicles.
The incident comes as the world’s biggest automaker by sales makes a push into vehicle connectivity and cloud-based data management which are seen as crucial to offering autonomous driving and other artificial intelligence-backed features.
Japan’s Personal Information Protection Commission has been informed about the incident, one of its officials said, but declined to provide further details, in line with its practice of not commenting on individual incidents.
Toyota said steps to block outside access to the data were taken after the issue was discovered and an investigation into all cloud environments managed by Toyota Connected Corp was being carried out.
Large leaks of personal data occasionally happen in Japan. In March, mobile carrier NTT DoCoMo said data of up to 5.29 million customers may have leaked via a company to which it outsourced work.
The incident adds to a raft of challenges facing Koji Sato who took over as Toyota CEO on April 1 from Akio Toyoda, grandson of the company’s founder.
Since he took office, Toyota has admitted safety test problems at its affiliate Daihatsu. It has also received a shareholder proposal from a trio of European asset managers to improve disclosure of its lobbying on climate change.
Officials from some of the world's biggest cities are in Washington to lobby for better…
China announces "anti-dumping penalties" on imports of a US chemical and orders Apple to cut…
Chinese companies invested in included the Aviation Industry Corp of China, a defence conglomerate that…
US tech giant said Beijing ordered it to cut the messaging apps because of national…
Israel’s missile attack on Iran sent investors heading for safe-haven currencies, gold and crude oil
Multi-year satellite study finds 45% of big Chinese cities are subsiding over 3mm a year,…