Cyber Incident Victim: Toyota Boshoku Corporation
Date:
Aug 2019
Location:
—
Summary
Toyota Boshoku Corporation's European subsidiary incurred a financial loss exceeding $37 million due to a business email compromise attack involving fraudulent payment instructions from a malicious third party. The company detected the fraudulent activity shortly after the incident, initiating an investigation with legal professionals and reporting the event to authorities while pursuing recovery of the diverted funds. This incident followed prior cybersecurity breaches impacting other Toyota-affiliated entities, underscoring persistent targeting of the group's subsidiaries.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 14, 2019, Toyota Boshoku Corporation’s European subsidiary fell victim to a business email compromise (BEC) attack, resulting in fraudulent payment instructions issued by malicious third parties. The company detected the fraudulent activity shortly after the funds were diverted, though the exact timeframe between the initial compromise and discovery remains unspecified in public disclosures. Toyota Boshoku confirmed a maximum financial loss of approximately 4 billion yen ($37.47 million or €33.9 million) as of September 5, 2019. The attack involved threat actors impersonating trusted entities to manipulate subsidiary employees into redirecting payments to attacker-controlled accounts. No technical details regarding the attackers’ entry vector, email spoofing methods, or internal system compromises were disclosed. Toyota Boshoku initiated an internal investigation immediately upon discovery, collaborating with legal professionals and notifying unspecified local law enforcement authorities. The company prioritized fund recovery procedures but did not disclose whether any portion of the lost amount was successfully reclaimed or frozen at the time of its September 6 press release.
This incident occurred against a backdrop of prior cybersecurity challenges within the broader Toyota Group. In March 2019, Toyota disclosed a separate breach affecting approximately 3.1 million customers across its Toyota and Lexus sales subsidiaries, though this earlier event involved potential personal data exposure rather than financial theft. The European subsidiary’s BEC incident marked Toyota Boshoku’s first publicized major financial fraud case directly attributable to cybercrime. The company acknowledged the possibility of revising its March 2020 earnings forecast pending investigation outcomes but did not confirm whether such adjustments occurred. No operational disruptions, data leaks, or secondary impacts beyond the financial loss were reported. Toyota Boshoku’s public response emphasized cooperation with investigators and procedural efforts to recover funds, without elaborating on specific security control failures or internal policy changes implemented post-incident. The investigation remained ongoing at the time of reporting, with no subsequent public updates on legal actions or perpetrator identification.