Feedback Friday Industry Experts Comment on Hive Ransomware Takedown

Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Toyota Says Fired Contractor Sabotaged Supplier Network and Stole Sensitive Data

Court documents obtained by SecurityWeek, from the Eastern District of Kentucky, show that Toyota has filed a lawsuit against an ex-contractor for sabotaging the company’s supplier network and downloading confidential information.

Court documents obtained by SecurityWeek, from the Eastern District of Kentucky, show that Toyota has filed a lawsuit against an ex-contractor for sabotaging the company’s supplier network and downloading confidential information.

Toyota accuses Ibrahimshah Shahulhameed, a former employee who was working for the automaker in Kentucky, of accessing their supplier network after he was fired, sabotaging the network itself and downloading sensitive information. According to documents filed with the court, Shahulhameed was fired last week, August 23, but the company did not state why.

The day he was terminated, from midnight until approximately 06:30 a.m. on August 24, Shahulhameed “sabotaged various programs and applications; and accessed, copied, downloaded and/or disseminated trade secrets and proprietary information.”

“Specifically, due to the level of administrative access [Shahulhameed] had to Toyota’s system, [Shahulhameed] improperly accessed proprietary trade secrets and information such as pricing information, quality testing data, and parts testing data,” Toyoda said in the complaint.

“Based on information currently available, [Shahulhameed] logged on to various internal and external systems and programs that contain highly confidential and proprietary information of Toyota…If this information were disseminated to competitors or otherwise made public, it would be highly damaging to Toyota, and its suppliers, causing immediate and irreparable damage.”

Further, the automaker charges Shahulhameed with modifying 13 applications on toyotasupplier.com causing it to crash.

“At this point, the level of damage caused by [Shahulhameed’s] unauthorized access to Toyota’s computer system is unknown. It will take days for Toyota’s IT department to determine the full extent of its damage as a result of [Shahulhameed’s] efforts to sabotage its system,” the complaint explains.

As it turns out, Toyota almost lost their chance to confront Shahulhameed in court. After he was released on bond, he told corporate investigators that he was planning on returning home to India (he is in the U.S. on an H1B visa). The automaker asked the court for a temporary restraining order preventing him from leaving, but it wasn’t needed as he agreed to an order on Monday that he would not travel for 14 days.

Shahulhameed remains free on a $2,500 bond until trial.

Written By

Click to comment

Expert Insights

Related Content

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Compliance

The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers.The updated rules, the FCC says, will...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...