TNZ spared data spill embarrassment

/

Up to 10 years’ worth of customer info became accessible to public scrutiny due to simple mistake in Japan.

KIWI owners can stand easy - New Zealand has not been drawn into an embarrassing saga that has allowed years of Toyota customer information accrued in Australia, Japan and seemingly other Oceania countries to become public.

Toyota head office has admitted to a human error behind the issue, which was reported in Australia last week, has made headlines in the brand’s home country but has not gained publicity here.

The world’s leading car maker, also the dominant new car seller nationally, says the vehicle data and personal information of customers may have been publicly accessible due to a cloud storage system it uses being set to public instead of private.

In respect to Toyota Australia, customer information that might have been accessible externally included names, addresses, phone numbers, email addresses, and vehicle identification and registration numbers.

The information for that market may have been accessible between October 2016 and May 2023.

In Japan, it appears the vehicle data of more than two million customers had been available for nearly a decade — from late 2013 to April this year — because of the error.

 Approached for comment on June 1, Toyota New Zealand provided a response today. 

“We are pleased to confirm our customer information in New Zealand has not been involved in the recently announced data leak,” said Sarah-Kate Sinclair, communications specialist, marketing.

Initially Toyota Australia said its customers were not affected. It since backtracked on that and said no personal financial details were made public.

"At the time of that … notification, it was our understanding that no Australian data was included but, upon continued investigation, we now know that a comparatively small number of Australian records have been impacted," a Toyota Australia spokesperson said.

“Our investigations have found no evidence that the data has been accessed, and we have concluded that the probability is extremely low that any third party could have accessed it.

“While the data may include vehicle information, as well as some personal information such as names and some contact information, no personal financial details are included.”

Toyota Australia has been working to get in touch with customers affected directly to advise them of the situation, a report by the Reuters news agency says.

Toyota Australia understood customers in other countries in Asia and Oceania were affected.

Toyota Japan has yet to say how many or in which countries. The parent company said it was investigating the issue based on the laws and regulations of each country.