Skip to content ↓ | Skip to navigation ↓

Car maker Toyota admitted earlier today that it had suffered what appears to have been a malware attack at its facilities in Melbourne, Australia that knocked out its website and other communications.

The first public sign of a problem appeared on Toyota Australia’s website, which was offline for a period of time in the aftermath of the attack. The company’s phone and emails systems were also temporarily unavailable.

Toyota Australia is currently experiencing technical difficulties which are impacting our Guest Experience Centre, and our website toyota.com.au.

As a result, we are currently unreachable via phone or email.

We apologise for any inconvenience and thank customers for their patience during this time.

In a statement later published on the Toyota website and shared on its Facebook page, the car manufacturer confirmed that it had suffered a cyber attack:

Toyota Australia driven offline by cyber attack, as hospital hit by ransomware

“Toyota Australia can confirm that it has been the victim of an attempted cyber attack. At this stage, we believe no private employee or customer data has been accessed. The threat is being managed by our IT department. We are working closely with international cyber security experts to get systems up and running again as soon as possible. At this stage we have no further details about the origin of the attack. We apologise for any inconvenience caused and thank customers for their patience.”

A spokesperson told the media that the attack had impacted Toyota Australia’s operations worldwide but that its dealer network had remained operational.

Toyota reassured customers, employees and its business partners that it does not believe at this stage that any private information has been accessed. That would have certainly fit the bill if Toyota’s infrastructure had been hit by ransomware. However, at this stage, Toyota Australia has not confirmed whether it was ransomware that disrupted its systems, nor has it specified the name of any malware that may have been involved.

If it *was* ransomware, however, then it’s possible that Toyota Australia was not specifically targeted by criminals but instead was unlucky enough to find itself in the firing line as extortionists attempted to infect any company or individual that happened to open a malicious attachment or click on a dangerous link.

Frankly it’s too early to tell. Too little information has been released for anyone to speculate on how criminals gained access to Toyota’s infrastructure and on the details of the malware attack.

But if it is the case that Toyota has been hit by ransomware, then it’s not the only Melbourne-based organisation to have been ravaged by the menace in recent days.

According to The Age, a ransomware attack recently hit the cardiology unit at the private Cabrini Hospital in Malvern, Melbourne, encrypting medical files.

The medical files of approximately 15,000 patients are thought to have been left scrambled by the ransomware, with the only hope of recovery being restoration from an unaffected backup (if available) or the submission of a ransom payment to the extortionists.

The Age reports that the Melbourne Heart Group, which is based at the hospital, has not been able to access some of its patients’ medical data for more than three weeks. According to some reports, a ransom payment may have been paid, but some of the files may continue to be inaccessible.

It’s bad enough when an organisation’s data is held ransom by online criminals, but when the data that is being held hostage actually contains the medical information of patients who may have serious heart conditions, things become all the more serious.

Attacks like this only underline the importance of not only using technology to defend against potential attacks but also of keeping secure regular data backups so that if the worst does happen you can get back up and running as soon as possible.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

['om_loaded']
['om_loaded']