Cyber Incident Victim: Kojima Industries

On February 27, 2022, Toyota Motor Corporation suspended operations at all 14 of its domestic plants in Japan following a cyberattack targeting Kojima Industries, a critical supplier in its production network. The attack disrupted Toyota’s parts supply management system, forcing the immediate shutdown of 28 production lines across its facilities. Subsidiaries Hino Motors and Daihatsu Motor also halted operations at select Japanese plants the same day due to cascading supply chain disruptions. The incident represented a full stoppage of Toyota’s Japan-based vehicle manufacturing capacity, highlighting the supplier’s integral role in the automaker’s just-in-time production model. No technical specifics regarding the attack vector, threat actor, or intrusion timeline were disclosed publicly.

The operational suspension marked one of the most severe cyberattack-induced disruptions in Japan’s automotive sector, directly impacting Toyota’s production of vehicles for domestic and international markets. Kojima Industries, as a tier-one supplier of plastic parts and electronic components, provided essential materials affecting multiple assembly stages. Toyota’s decision to idle all plants reflected the absence of redundant systems or inventory buffers to mitigate the parts shortage. The coordinated halt across Hino’s and Daihatsu’s facilities further demonstrated the attack’s systemic impact on Toyota Group operations. Production resumed on March 2 after temporary workarounds were established, though the incident underscored vulnerabilities in interconnected automotive supply chains.