A threat actor group, ZeroSevenGroup, claims to have successfully hacked a branch of Toyota, one of the world’s largest automotive manufacturers. The group alleges that it has gained access to an extensive range of sensitive data and has shared the files for free online.
According to the threat actor, the breached data includes 240 GB of information covering everything from contacts, financial records, customer data, and employee details to network infrastructure, email communications, and databases. They further claim to have obtained detailed Active Directory Recon (AD-Recon) data for the entire target network, including passwords.
The group stated: “We’re not kidding, we’ve been on the network for a long time,” implying they had persistent access to Toyota’s U.S. branch before making the breach public.
