News News by Brand Toyota News

Toyota Suspends Production at 14 Plants Following Possible Cyber Attack

Toyota estimates that the shutdown will affect the production of 13,000 vehicles.

A “system failure” at one of its domestic suppliers early Tuesday, likely due to a cyber attack, has caused Toyota to suspend production at 14 of its plants, the automaker announced via a statement. 

Though the automaker’s official statement makes no mention of one, Nikkei reports that one of Toyota’s Tier 1 suppliers, Kojima Industries, seems to have been the target of a cyber attack. “It is true that we have been hit by some kind of cyber attack,” the outlet cited an unnamed source close to the matter as saying. “We are still confirming the damage and we are hurrying to respond, with the top priority of resuming Toyota’s production system as soon as possible.” 

A total of 28 production lines will be paused due to the failure, which affects vehicles across the Toyota, Daihatsu, and Hino brands, according to Nikkei

In an emailed statement to The Drive, a Toyota spokesperson estimated that the production suspension will impact 13,000 vehicles in Japan, but also noted that the company believes there will be no impact on North American production at this time. It’s unclear if Toyota will resume production on Wednesday, as the spokesperson declined to answer this particular question.

Toyota’s Motomachi assembly line, via Toyota

Toyota has roughly 400 Tier 1 suppliers which are responsible for producing modules and components—or in Kojima’s case—plastic parts for vehicle interiors. These suppliers are often directly connected to Toyota’s internal networks as part of its just-in-time production methodology, meaning that if proper safeguards aren’t in place, an incident could spill over into Toyota’s environment, hence the cautionary pause while Toyota officials and cyber security experts evaluate the scope of the situation. Kojima Industries is currently performing root cause analysis and determining how it will restore services.

News of supposed Kojima’s breach comes around the same time that Japanese tire manufacturer Bridgestone became aware of its own cyber security-related incident on Sunday. Similar to Toyota, Bridgestone “disconnected” its American manufacturing and retreading facilities until it could learn the full scope of the incident. This morning, Bridgestone announced that it was canceling a shift at its plant in Des Moines, Iowa, which employs about 1,300 workers.

Workers at Toyota’s plant in Takaoka., via Toyota

It’s not immediately clear if there is any connection between the Toyota and Bridgestone incident, however, both incidents follow Japanese Prime Minister Fumio Kishida’s support for blocking Russia from the international payment system, SWIFT, as well as an emergency monetary aid pledge of $100 million for Ukraine.

In a press conference, Kishida said that the Japanese government was investigating the Kojima Industries incident to determine if there was any involvement from Russia, a well-known perpetrator of state-sponsored cyber attacks. In 2021, Microsoft reported that Russia was indicated in 58 percent of all state-sponsored cyber attacks detected by its threat analysis teams in the prior year.

Got a tip or question for the author? You can reach them here: