Month: May 2023

Toyota Motor Corporation, the largest automaker in the world by sales, disclosed a data breach that exposed the car location information of 2,150,000 customers between November 6, 2013, and April 17, 2023. The data breach stemmed from human error, leading to a cloud system being set to public instead of private. Data exposed due to the decade-long data breach includes vehicle locations, vehicle identification numbers and chassis numbers by drivers who signed up for the T-Connect/G-Link/G-Link Lite/G-BOOK service. Possibly, videos taken outside the vehicle were also exposed between November 14, 2016 and April 4, 2023.

Toyota pointed out that the exposed information only impacted customer in Japan, and it cannot be used to identify the owners of the vehicles, and is unware of any abuse of the exposed data.

Read more about it here.

Mobile giant T-Mobile disclosed its second data breach so far in 2023. A hacker gained access to the personal information of 836 of T-Mobile customers between late February and March. The personal information included full names, contact information, dates of birth, addresses, government ID’s, Social Security Numbers, and T-Mobile account numbers pins.

After detecting the security breach, T-Mobile reset account PINs of impacted customers.

In January 2023, T-Mobile reported another data breach affecting 37 million customers.

Read more about it here.

Hackers have reportedly been breaking into AT&T provided email addresses, and using this access to steal large amounts of cryptocurrency. While it’s not clear how many people have been impacted, one victim claimed that hackers stole $134,000 from a Coinbase account associated with a compromised email address. Email addresses with att.net, sbcglobal.net, bellsouth.net and other AT&T domain names have all reportedly been affected.

Presumably, the hackers gained access to a part of AT&T’s internal network, which allows them to create mail keys for any user. Mail keys are unique credentials that AT&T email users can use to log into their accounts using email apps such as Thunderbird or Outlook, but without having to use their passwords.

AT&T has adopted security measures to prevent similar attacks, and forced a password reset on some email accounts.

Read more about it here.