Toyota website attacked by rogue former employee

News by Dan Raywood

Toyota has suffered an attack on its intellectual property, which it is blaming on a former contractor.

Toyota has suffered an attack on its intellectual property, which it is blaming on a former contractor.

According to a report by Automotive News, the North American branch of the Toyota Motor company claimed that Ibrahimshah Shahulhameed illegally accessed one of its websites after he was dismissed from the company. It claimed that within hours of his dismissal, Shahulhameed logged into the website without authorisation and downloaded proprietary plans for parts, designs and pricing information for six hours.

Toyota said: “If this information were disseminated to competitors or otherwise made public, it would be highly damaging to Toyota, and its suppliers, causing immediate and irreparable damage.”

Toyota manufacturing spokesman Rick Hesterberg said that Toyota was continuing to investigate the security breach and did not know what had happened with the confidential information, or whether it may have changed hands.

He said: “We currently do not believe that any supplier data or our proprietary company information has been disseminated. It's too early to speculate on what-if's.”

Graham Cluley, senior technology consultant at Sophos, said: “What isn't clear, at this time, is whether Toyota are claiming that Shahulhameed accessed their computer systems by exploiting a vulnerability or whether they had simply not reset staff passwords that he may have had access to in his position as an IT contractor with the firm.

“The details in the Toyota case are currently unclear. But regardless of that, it's a timely reminder to all businesses to remember the importance of reviewing who has access to your systems, and to underline that changing passwords and resetting access rights is essential when a member of staff leaves the company.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike