- Mazda confirms breach in December 2025 via inventory management system
- Hundreds of employee and partner records exposed, including IDs, names and emails
- Customers unaffected; the company strengthens security after vulnerability exploitation
Hackers have broken into Japanese automaker Mazda and used their access to exfiltrate sensitive employee and partner data, the company has confirmed.
In a breach notification letter, the Japanese automaker said that in mid-December 2025 it found “traces of unauthorized access” to a management system used to operate certain warehouses used to store parts sourced from Thailand.
As soon as the breach was discovered, Mazda did what most companies do in these cases – secured their infrastructure, notified relevant authorities and data watchdogs, including the Personal Information Protection Commission, and launched an investigation with the help of third-party cyber security experts.
The article continues below
No bragging rights
The investigation determined a “possibility that some of the personal data of the company’s employees, its group companies and business partners” may have been disclosed. This part includes 692 records such as Mazda-issued user IDs, names, email addresses, company names, and business partner IDs.
Mazda also emphasized that customers’ personal information was not accessed as it was not stored in the affected systems in the first place.
“To prevent a recurrence, Mazda will continue to strengthen its information security framework, including improved monitoring of external access and strengthened communication controls,” the company added.
Mazda did not say who the threat actors were and did not discuss the nature of the attack. It said the hackers broke in by abusing “security vulnerabilities in the systems that were exploited.”
So far, no cybercriminal groups have claimed responsibility for the attack, and given that just 692 records were exposed, it’s likely that none will. Cybercriminals who leak just a handful of data are often ridiculed for it, especially when the data contains nothing more than the basic “names, email addresses”.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
