A security researcher was able to hack Toyota's supplier management system, which allows access to the company's projects, data, surveys, etc.
The researcher claims he could log in simply by knowing employees' emails.
- According to a post from the security researcher, he changed the JavaScript code on the login page so that it returned true regardless of the credentials that were entered.
- He gained access to information such as:
  - over 14,000 corporate account details,
  - confidential documents,
  - projects,
  - supplier rankings/comments, etc.
- The stolen data belongs to users in multiple countries, including the U.S.
- Toyota was made aware of the security flaws that led to the white-hat breach on Nov. 3, 2022.
- One of the security bugs was ranked as severe, according to the security researcher.
- These flaws were patched by Toyota shortly after the company was notified about their existence.