Toyota Motor said on Wednesday that information on customers in some countries in Oceania and Asia, excluding Japan, may have been left publicly accessible from October 2016 to May 2023.

Customer information that may have been accessible externally included names, addresses, phone numbers, email addresses, and vehicle identification and registration numbers, the company said.

The incident follows its announcement in May that the vehicle data of 2.15-million users in Japan, or almost the entire customer base who had signed up for its main cloud service platforms since 2012, had been publicly available for a decade because of human error.

The world’s largest carmaker by sales said the latest issue was discovered when it launched a broad investigation into cloud environments managed by Toyota Connected after the earlier incident. “As we believe this incident also was caused by insufficient dissemination and enforcement of data handling rules … we have implemented a system to monitor cloud configurations,” Toyota said.

The issue arose because of a setting error in the cloud environment where the carmaker stores customer data collected by overseas dealers for handling and managing maintenance inspections of vehicles.

Toyota is investigating the issue based on the laws and regulations of each country, a company spokesperson said.

It did not say how many customers were affected, in which countries they are located, and whether customers of its luxury Lexus brand were affected.

It said it has also investigated whether there were any thirdparty copies or use of its customer data and found no evidence of such use.