IT security incidents at Microchip and Toyota
Online criminals have tapped into large amounts of data at Toyota. An IT incident slows down production at IC manufacturer Microchip.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
IT incidents at industry giants have recently come to light. IC manufacturer Microchip has suffered a reduction in production, and Toyota has lost large amounts of data.
The criminal organization ZeroSevenGroup claims in an underground forum to have broken into Toyota and stolen around 240 GB of data. According to the report, they broke into a Toyota branch in the United States and gained access to data such as contacts, finances, customers, employees, photos, databases, network infrastructure, emails and a "lot of perfect data". The data is said to be freely downloadable via links provided. However, the files show a date of December 25, 2022. It remains unclear when the break-in took place.
Toyota break-in: real or not?
Toyota initially admitted to BleepingComputer: "We are aware of the situation. The problem is limited in scope and not a system-wide issue." The company added that it is in contact with those affected and is providing support where it is needed. Toyota did not say when the intrusion took place, when it was discovered or how the attackers gained access, or how many people's data was affected. The following day, Toyota backtracked and also told other media that Toyota Motor North America's systems had not been compromised and had not been broken into. The data had apparently been stolen by a third party that was falsely identified as Toyota. However, Toyota did not reveal which company was involved.
Meanwhile, IC manufacturer Microchip, which produces various electronic components for the automotive sector such as voltage converters or microprocessors such as the ATmega used in Arduinos in the USA, has submitted a so-called K8 form. Listed companies must use it to report IT incidents to the Securities and Exchange Commission (SEC).
Microchip: Production restrictions due to cyber intrusion
The K8 form filed on Tuesday of this week discusses that Microchip noticed potentially suspicious activity in its IT systems on Saturday, August 17. Following the discovery, the company reportedly took steps to contain and defend against the potentially unauthorized activity. On Monday, August 19, the company discovered that unauthorized third parties had interrupted the use of certain servers and business operations. As a result, Microchip took further steps to deal with the incident, including isolating the affected systems, shutting down some systems and launching an investigation with the help of external cybersecurity experts.
As a result, some production sites were operating at lower rates than usual. The company's ability to fulfill orders has been impacted. The company is working diligently to bring the affected parts of the IT systems back online, resume normal business operations and limit the impact of the incident. The investigations are still ongoing. The full extent, origin and impact of the IT incident are still unknown. It is not yet possible to assess whether the incident will have an impact on the company's finances or business results.
Microchip is not discussing whether ransom demands have been made, i.e. whether it is a ransomware attack, or who is behind the attack.
At the end of July, the German government announced that there had already been 42 cyberattacks on German economic institutions since 2022. This is one of the most important threats to organizations and companies at present. Such attacks occur daily.
(dmk)
