Cyber Incident Victim: Porsche Japan
Date:
Jan 2000
Location:
Japan
Summary
Porsche Japan experienced a data breach compromising customer information through unauthorized access, exposing over 28,000 email addresses primarily linked to online brochure requests. Potentially affected data included names, physical addresses, telephone numbers, and income details stored during customer interactions. The incident involved historical records of consumer engagements, resulting in significant exposure of personal identifiers and sensitive financial attributes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In February 2017, Porsche Japan disclosed a data breach impacting customers who had interacted with its online services. The company confirmed unauthorized access to its systems resulted in the exposure of over 28,000 email addresses. Of these, 23,151 email addresses belonged to individuals who had requested product brochures digitally between 2000 and 2009. Porsche Japan officials acknowledged the breach likely extended beyond email addresses, with customer names, physical addresses, telephone numbers, and income details potentially compromised. The incident exposed a decade’s worth of customer data gathered through Porsche Japan’s online brochure request system.
The breach affected individuals who had shared personal information during a nine-year period spanning the early 2000s. While Porsche Japan did not specify the exact intrusion timeline or method, it confirmed the attackers accessed stored customer records from its internet-based systems. No evidence suggested financial data or payment information was involved. The compromised income details and contact information created significant privacy concerns for affected customers, potentially enabling targeted phishing or fraud attempts. Porsche Japan’s disclosure emphasized the historical nature of the exposed data but confirmed active investigation into the full scope of the incident.