Security Experts:

Programmer Charged with Hacking Toyota Website

LOUISVILLE, KY — A computer programmer from central Kentucky who once did contract work for Toyota has been charged with hacking into and damaging computers used by the automobile maker.

The FBI filed a federal criminal complaint against Ibrahimshah Shahulhameed of Georgetown, Ky., alleging that the disgruntled former worker logged in to the www.toyotasupplier.com site, which the company uses to communicate with vendors around the globe, and issued commands to slow down the functions of the computer servers.

"In some circumstances, there was no rational basis for issuing the commands, unless one was seeking to render the system inoperable," wrote FBI Special Agent Adam Keown, who conducted the probe.

Shahulhameed did not reply to a message sent Wednesday to an email address listed for him in the court documents, and his attorney, Patrick Nash of Lexington, did not immediately return a telephone call seeking comment.

Keown's allegations mirror those made by Toyota in a lawsuit filed in federal court in Lexington last month. Toyota won a preliminary injunction to keep Shahulhameed, a native of India, from leaving the United States while the suit was pending. The company dropped the litigation Tuesday, shortly after Keown filed the criminal complaint in federal court.

Both Keown and Toyota alleged that Shahulhameed worked on contract as a computer programmer for Toyota until being let go in late August. Andrew Sell, Shahulhameed's boss at GlobalSource IT, a Milwaukee, Wis.-based company, told Keown that Shahulhameed had been dismissed because he was harassing other employees working on the Toyota account.

Sell notified Shahulhameed via email that night that his contract to work on the Toyota account had been terminated.

"I want to be clear, to prevent any additional issues moving forward, that you should NOT have any future contact with ... anyone at Toyota," Sell wrote.

In a response sent Aug. 24, Shahulhameed wrote, "I also want to make sure ... I will not be responsible if anyone called me from Toyota."

At that point, Shahulhameed accessed Toyota's internal computer system without authorization, the FBI and Toyota allege.

Toyota also alleges that Shahulhameed possibly copied, downloaded and disseminated trade secrets and proprietary information, including pricing information, quality testing data and parts testing data.

Keown had Toyota's computer equipment examined as well as Shahulhameed's computer, which the company gave him to use while working on contract. Keown determined that Shahulhameed spent about six hours inside the firewall of Toyota's computer system, resulting in an estimated 3,000 to 5,000 labor hours in investigative time, restoration of systems and fixing the problems created by the hacking.

"Several toyotasupplier.com and internal applications either were not working properly or went down for a number of hours," Keown wrote.

The website www.toyotasupplier.com serves as a portal for current suppliers to Toyota, as well as a place for companies seeking to do business with Toyota to find information and work in a potential deal. As of Wednesday morning, the site appeared to be working. Toyota has a production plant in Georgetown and keeps some of its computer servers there.

Related: Toyota Says Fired Contractor Sabotaged Supplier Network and Stole Sensitive Data

Read More in SecurityWeek's Cybercrime Section