Content, Asia Pacific, Breach

Toyota Supplier Cyberattacks: Timeline and Recovery Updates

OAKLAND, CALIFORNIA – FEBRUARY 06:
The Toyota logo is displayed at One Toyota of Oakland on February 06, 2019 in Oakland, California. Toyota reported a $12.6 billion loss in third quarter profits even though sales of popular vehicles like the Camry were slightly up. (Photo by Justin Sullivan/Getty Images)

Two major Toyota suppliers suffered cyberattacks in February and March 2022. Here's a timeline of what happened.

March 13, 2022: The Pandora hacker group claims to have stolen classified data from major Japanese auto parts maker Denso -- a key Toyota supplier. The attack allegedly involved ransomware. Toyota's business was not impacted by the attack. Source: NHK World Japan.

March 1, 2022: An attack targeting Kojima Industries led Toyota to shut down car production in Japan for one day, Toyota said in statements issued February 28 and March 1, 2022. Here are key takeaways from a Nikkei Asia report along with updates from Toyota and Kojima Industries:

  • Kojima Industries, a major manufacturer and supplier of plastic parts, apparently was the cyberattack victim.
  • Toyota, in turn, has suspended production across 28 manufacturing lines and 14 plants.
  • Toyota manufacturing in Japan is shut down for Tuesday, March 1 (Japan local time) and it's unclear whether production will resume on March 2.
  • Initial reports did not describe whether Kojima Industries has hired third-party incident response and/or MSSP companies to investigate the attack and assist recovery.

Some more background information on Kojima Industries is here from Dun and Bradstreet.

Blog originally published March 1, 2022. Updated March 13, 2022 with Denso cyberattack information.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.