Leaky Honda Database Exposes 976M Records – Expert Commentary

By   ISBuzz Team
Writer , Information Security Buzz | Dec 19, 2019 11:49 am PST

Security researcher Bob Diachenko has identified an unprotected Elasticsearch cluster with 976 millions of records belonging Honda North America. An estimated 1 million records in the database contained information about Honda owners and their vehicles. No password or authentication was necessary to access the records, which included names, contact details and vehicle information.

The database contained the following information of Honda owners and their vehicles:

  • Full name
  • Email address
  • Phone number
  • Mailing address
  • Vehicle make and model
  • Vehicle VIN number
  • Agreement ID
  • Other service information