Hacker Cracks Toyota Customer Search Tool

Flaw in Toyotas C360 customer relationship management tool exposed personal data of unknown number of customers in Mexico, a disclosure says.

A production API in Toyotas C360 customer relationship management (CRM) tool loaded with the personal information of an unknown number of the carmakers customers in Mexico was found to expose reams of sensitive data.
A disclosure from threat hunter Eaton Zveare outlines how it was possible to access Toyota customers names, addresses, phone numbers, emails, and tax identification numbers, as well as vehicle ownership and service history stored in the C360 CRM.
After reporting the issue to Toyota, Zveare said the sites were taken offline, and the
APIs
were secured so that they now require an authentication token.
I would like to stress that I do not know how many customers are in this CRM, Zveare
wrote
. There wasnt a user list — it was only possible to search for customers by name, ID, phone number, or email address.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Hacker Cracks Toyota Customer Search Tool