The same week as the automaker announced new production pauses, it has revealed a pair of cyber-attacks.
The attack hit its European subsidiary Daihatsu Diesel Company. Daihatsu Diesel is 35%-owned by Daihatsu Motor, a Toyota subsidiary, and designs engines for the automaker.
Daihatsu “experienced a problem in accessing its file server in the internal system on 14 May 2021,” according to the company’s statement [PDF] dated May 16th. The site appears to be offline at the time of writing.
“After a brief investigation, a cyber-attack by an unauthorised access from a third party was confirmed as a cause of this issue,” the statement read.
The European manufacturer said it had no evidence of further unauthorized access or problems in other group companies.
No news about ransom demands was made.
Daihatsu stopped the servers to contain the attack, and launched an investigation. The company promised an update soon, but none has been issued by the time of writing.
As for the second attack, nits was reported by numerous Japanese news sites. According to the reports, Toyota’s US subsidiary Auto Parts Manufacturing Mississippi has revealed a ransomware attack as well.
The company believes it was a Russian cybergang behind the attacks.
It is reported that attackers managed to exfiltrate financial and customer data. The ransomware threat actor can later use it when making their financial demands. Auto Parts Manufacturing Mississippi, which makes parts for the Toyota Corolla, declined to say whether it received a ransom demand but assured there was no payment made by the company. Its operations have not disrupted either, the reports say.
These attacks came after Toyota’s decision to halt three production lines in two plants in June, due to lack of parts, and it’s widely accepted that was the case.
