Toyota said 296,019 email addresses and customer numbers of those using T-Connect, a telematics service that connects vehicles via a network, were potentially leaked. The affected customers are individuals who signed up to the service's website using their email addresses since July 2017.
A third party access could not be confirmed from the access history of the data server where the information was stored based on security experts' investigation, Toyota said in a statement.
At the same time, it added that third-party access "could not be completely ruled out."
There was no possibility, though, that users' sensitive personal information, such as names, phone numbers or credit card information, were leaked, Toyota said.
The Japanese automaker did not confirm cases of the information being misused but cautioned that there is a possibility of spamming, phishing scams and unsolicited email messages being sent to the users' email addresses.
The automaker said a contractor that developed the T-Connect website accidentally uploaded parts of the source code with public settings from December 2017 until Sept. 15 this year.