View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 30, 2012

Toyota falls victim to ex-employee hack attack

IT contractor accessed systems and stole sensitive corporate data following dismissal

By Steve Evans

Car manufacturer Toyota is taking legal action against an ex-employee it claims hacked into its computer systems following his dismissal from the company.

According to a report in Automotive News, the man, Ibrahimshah Shahulhameed, had been employed as an IT contractor. After his contract was terminated it is alleged he hacked into Toyota’s computer system and sabotaged software. He also stole proprietary plans for parts, other designs and pricing information, the report said.

It seems Shahulhameed spent six hours in Toyota’s systems, including accessing a supplier’s portal (https://toyotasupplier.com/). As well as stealing the data it is alleged he modified 13 software applications.

Toyota has responded by filing a complaint in the US District Court in Lexington, Kentucky. The company claims that if the stolen information was made public it would be "highly damaging to Toyota, and its suppliers, causing immediate and irreparable damage."

Toyota has been granted an order that bans Shahulhameed from releasing any of the information or leaving the country.

It is not known at the moment whether Shahulhameed hacked his way into the system or if his log-in credentials were still active, despite his contract being terminated. The disgruntled employee attack is all too common, Graham Cluley of Sophos said.

"It’s a timely reminder to all businesses to remember the importance of reviewing who has access to your systems, and to underline that changing passwords and resetting access rights is essential when a member of staff leaves the company," he wrote.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

"People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work. But it only takes one bad apple to wreak havoc – so make sure your defences are in place, and that only authorised users can access your sensitive systems," Cluley added.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU