The personal data belonging to Honda and Acura customers in Canada was stolen after attackers accessed the information off the companies’ e-commerce sites.
How many victims? 283,000.
What type of personal information? Names, addresses and vehicle identification numbers. Data such as birth dates, telephone numbers, email addresses, credit card numbers, bank account information and lists of transactions was not taken.
What happened? Hackers infiltrated the myHonda and myAcura e-commerce sites to steal the account information stored in a database. The records in that database should have been destroyed but were not.
What was the response? Honda is notifying affected customers by mail. It informed customers about the incident but said they are not at risk for identity theft.
Details: The information was collected two years ago from customers who registered at the websites. Experts worry the stolen data may be used in phishing scams that seek more valuable personal information. Honda, which owns Acura, has since been sued over the breach, with the plaintiffs seeking $200 million in damages.
Source: The Toronto Star, thestar.com, “Honda hacked: 283,000 car owners lose personal data,” May, 26, 2011.