Hacker Cracks Toyota Customer Search Tool

  /     /     /  
Publicated : 23/11/2024   Category : security


Hacker Cracks Toyota Customer Search Tool


Flaw in Toyotas C360 customer relationship management tool exposed personal data of unknown number of customers in Mexico, a disclosure says.



A production API in Toyotas C360 customer relationship management (CRM) tool loaded with the personal information of an unknown number of the carmakers customers in Mexico was found to expose reams of sensitive data.
A disclosure from threat hunter Eaton Zveare outlines how it was possible to access Toyota customers names, addresses, phone numbers, emails, and tax identification numbers, as well as vehicle ownership and service history stored in the C360 CRM.
After reporting the issue to Toyota, Zveare said the sites were taken offline, and the
APIs
were secured so that they now require an authentication token.
I would like to stress that I do not know how many customers are in this CRM, Zveare
wrote
. There wasnt a user list — it was only possible to search for customers by name, ID, phone number, or email address.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Hacker Cracks Toyota Customer Search Tool