Car manufacturer Toyota is taking legal action against an ex-employee it claims hacked into its computer systems following his dismissal from the company.
According to a report in Automotive News, the man, Ibrahimshah Shahulhameed, had been employed as an IT contractor. After his contract was terminated it is alleged he hacked into Toyota’s computer system and sabotaged software. He also stole proprietary plans for parts, other designs and pricing information, the report said.
It seems Shahulhameed spent six hours in Toyota’s systems, including accessing a supplier’s portal (http://toyotasupplier.com/). As well as stealing the data it is alleged he modified 13 software applications.
Toyota has responded by filing a complaint in the US District Court in Lexington, Kentucky. The company claims that if the stolen information was made public it would be "highly damaging to Toyota, and its suppliers, causing immediate and irreparable damage."
Toyota has been granted an order that bans Shahulhameed from releasing any of the information or leaving the country.
It is not known at the moment whether Shahulhameed hacked his way into the system or if his log-in credentials were still active, despite his contract being terminated. The disgruntled employee attack is all too common, Graham Cluley of Sophos said.
"It’s a timely reminder to all businesses to remember the importance of reviewing who has access to your systems, and to underline that changing passwords and resetting access rights is essential when a member of staff leaves the company," he wrote.
"People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work. But it only takes one bad apple to wreak havoc – so make sure your defences are in place, and that only authorised users can access your sensitive systems," Cluley added.
