A Honda Motor Company Elasticsearch cluster containing 976 million records affecting about 26,000 customers and containing information on Honda vehicle owners was found exposed.
Independent security researcher Bob Diachenko posted that the database appeared to be part of the company’s North American operation did not require any passwords or other authentication to access the data, which included full name, email address, phone number, mailing address, vehicle make and model, vehicle VIN number, agreement ID and other service information.
“Please note that I was unable to confirm the exact number of unique customer records, this number is based on cluster statistics and keywords search analysis. In its statement Honda estimates this number to be around 26,000,” he said.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.