"Toyota Scrambles to Patch Customer Data Leak"

Toyota Italy leaked sensitive information for over one-and-a-half years, until March of this year. It revealed secrets for its Salesforce Marketing Cloud and Mapbox Application Programming Interfaces (APIs). On February 14, the Cybernews research team found an environment file (.env) hosted on the official Toyota Italy website. By abusing the exposed data, threat actors could access phone numbers, email addresses, customer tracking information, push notification contents, and more. These credentials could further be misused to send fraudulent SMS messages and emails, change and launch marketing campaigns, develop automation scripts, edit information associated with the Salesforce Marketing Cloud, and even send push alerts to Toyota's customers. This article continues to discuss the Toyota customer data leak, the potential impact this leak could have on the company's customers, and Toyota's response to the leak. 

Cybernews reports "Toyota Scrambles to Patch Customer Data Leak"