Toyota PH warns of ‘potential’ harm to customer privacy
MANILA — The Philippine unit of Japanese automotive giant Toyota Motor Corp. has confirmed that a portion of their records have been leaked, which compromised information that include sensitive customer data.
In an advisory issued on Thursday night, Toyota Motor Philippines (TMP) said the “unauthorized disclosure” of the data involved “unintentional human error” related to confidential information on “some” of the registered users of the MyToyota mobile app.
“We continue to investigate security issues and cooperate with the appropriate government authorities,” TMP president Masando Hashimoto said in the notice. “Rest assured that we will continue to update the affected customers on the progress of this probe,”
Still the official said that the integrity and availability of the data remain intact and that any data regarding financial transactions is not part of the disclosure.
Hashimoto also said that affected customers have also been immediately informed.
He apologized to customers, but also reminded registered users of their mobile app “to be vigilant and cautious of potential privacy harms due to said incident.”
Article continues after this advertisementREAD: Toyota PH, Robinsons Land hit by data breach
Article continues after this advertisementAccording to TMP, customers who are concerned about the data leak can contact their customer assistance center through the number (02) 819-2912 or the email address [email protected].
TMP’s data protection officer can also be reached through [email protected]
A terabyte of data
Earlier, the National Privacy Commission (NPC) said that TMP had notified them of the breach on May 14.
The NPC was mum on details of the extent of the breach, although an online group dedicated to publishing data leaks posted details about the breach.
In its account, the group Deep Web Konek said the Toyota data leak exposed over a terabyte of data spanning from 2016 to 2024.
The group said this includes sensitive customer information such as full names, addresses, bank documents, valid IDs such as passports and national IDs, email addresses, and photographs of sensitive documents.
The group and the NPC said that Robinsons Land Corp. was also hit.