Toyota Italy suffered a data leak that left sensitive data exposed for over 1.5 years and gave attackers access to its marketing tools. The leak affected Toyota’s Salesforce Marketing Cloud and Mapbox APIs, giving threat actors the ability to obtain customer phone numbers and email addresses and use them to launch phishing attacks.
In February, researchers discovered an environment file (.env) hosted on the official Toyota Italy website that contained credentials for the Salesforce Marketing Cloud.
Attackers could use the exposed data to access customer tracking information and edit content tied to the Salesforce Marketing Cloud, among other activities.
Although Toyota has not disclosed the extent of the data breach, the car manufacturer confirmed that it had taken additional measures to strengthen its cybersecurity systems and protocols.
Statista projects that Toyota Italy’s revenue will reach approximately $1.8 billion in 2023, with vehicle sales nearly reaching 83,000. Toyota is the biggest vehicle manufacturer globally, with over 370,000 employees and around $267 billion in revenue in 2022. The company has been present in Italy for more than half a century.
The exposed data could have been used to launch sophisticated phishing campaigns, with attackers having access to Toyota’s official communication channels.
Attackers could use the credentials to send bogus SMS messages and emails, edit and launch marketing campaigns, and even create automation scripts.
Toyota Italy also exposed Mapbox application programming interface (API) tokens, which could be used to send a large number of requests and run up Toyota’s API usage costs. Toyota has reported the incident to the relevant Italian authorities and is fully cooperating with the ongoing investigation.
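
A pre-deployment check for the kind of exposure described above, as an added example that is not from the original article or from Toyota: it walks the directory a web server publishes, flags dotenv files, and lists the names (never the values) of credential-like keys. The key-name heuristic and every sample name and value below are constructed assumptions.

```python
import os
import re
import tempfile

# Key-name fragments that usually indicate a credential (heuristic, an assumption).
SECRET_HINTS = re.compile(r"(SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|CLIENT_ID|PRIVATE)", re.I)
# Matches .env, .env.production, prod.env and similar file names.
ENV_NAME = re.compile(r"(^|\.)env(\.|$)", re.I)

def secret_keys(path):
    """Return the names (never the values) of credential-like keys in a dotenv file."""
    keys = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            line = line.strip()
            if not line or line.startswith("#") or "=" not in line:
                continue
            name, value = line.split("=", 1)
            name = re.sub(r"^export\s+", "", name).strip()
            # Only report keys that are actually populated.
            if value.strip().strip("'\"") and SECRET_HINTS.search(name):
                keys.append(name)
    return keys

def find_exposed_env_files(web_root):
    """Walk the directory the web server publishes and report dotenv files in it."""
    findings = {}
    for folder, _dirs, files in os.walk(web_root):
        for fname in files:
            if ENV_NAME.search(fname):
                full = os.path.join(folder, fname)
                rel = os.path.relpath(full, web_root).replace(os.sep, "/")
                findings[rel] = secret_keys(full)
    return findings

def demo():
    """Build a constructed web root and scan it; all names and values are made up."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "index.html"), "w") as fh:
            fh.write("<html></html>")
        with open(os.path.join(root, ".env"), "w") as fh:
            fh.write("# constructed sample\nAPP_ENV=production\n"
                     "MARKETING_CLIENT_ID=example-id\nMARKETING_CLIENT_SECRET='example'\n"
                     "export MAPS_ACCESS_TOKEN=example-token\nEMPTY_TOKEN=\n")
        return find_exposed_env_files(root)

if __name__ == "__main__":
    for rel, keys in demo().items():
        print(f"FAIL: /{rel} is inside the web root; credential-like keys: {keys}")
```

Run against the build output before publishing and fail the deployment on any finding; credentials found this way should be rotated, since the file may already have been fetched.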