SecurityWeek

Data of Honda Owners in North America Exposed Online

An Elasticsearch cluster containing information on Honda owners in North America was recently found to be accessible from the Internet without any authentication.

Discovered on December 11, 2019, by security researcher Bob Diachenko, the database was part of Honda North America infrastructure and it contained 976 million records.

Of these, around 1 million records were found to include information about Honda owners and their vehicles, but the researcher said he was not able to confirm the exact number of unique customer records in the database.

The database stored names, contact details, and vehicle information, all of which could be accessed without a password. The company secured the server within hours after being notified, the researcher says.

Honda told the researcher that the leak involved a data logging and monitoring server for telematics services. The car maker also said that the estimated number of impacted customers was roughly 26,000.

“We are basing this number on a detailed review of the databases on this server, eliminating duplicate information and eliminating the data that does not contain consumer PII. […] The server on which the database resides was misconfigured on October 21, 2019,” Honda said.

The car maker also told Diachenko that no financial, credit card, or password information was present in the exposed database.

According to the security researcher, the database was exposed for over a week, meaning that malicious parties might have had time to copy the information, provided they discovered the exposure.

“Honda is continuing to perform due diligence, and if it is determined that data was compromised, we will take appropriate actions in accordance with relevant laws and regulations. We will continue to work on proactive security measures to prevent similar incidents in the future,” Honda said.

The database was first indexed by search engine BinaryEdge on December 4, but the researcher only discovered it on December 11. Honda’s security team in Japan was alerted the next day and the server was shut down by December 13, the researcher says.

Information stored in the database included Honda owners' full names, email addresses, phone numbers, mailing addresses, vehicle make and model, vehicle VIN, agreement ID, and other service information. Internal logs and maintenance records were also present on the server.

Malicious actors who might have had the chance to download the exposed data could use it in targeted phishing campaigns.

In July, an Elasticsearch database exposed data related to Honda’s internal network and computers, such as hostname, MAC address, internal IP, operating system version, installed patches, and more.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
