Honda hacked; 283,000 car owners details stolen

Honda Canada has released a statement on their website that thousands of personal details for Honda and Acura customers may have been stolen.

According to Huffingtonpost.ca, the press release issued by the company stated that 283,000 owners details including customers names, addresses, VIN (Vehicle Identification Number) and in some cases Honda Financial Services details were stolen.

In a what seems to be a wave of hacking over the past six months, the number of major corporations being compromised has seemed to be on the up rise. Just a month ago, Sony Corporation had their PlayStation Network hacked, with millions of gamers' details and even credit card numbers stolen.

The database that was compromised was used in a program in 2009 that had users to register their vehicle with the myHonda website.

Honda did note in the letter to customers that the information stolen did not include birth dates, credit card numbers and bank accounts. Regardless of the information stolen, users should be cautioned to check their credit card and bank statements for any fraudulent usage.

Report a problem with article
Previous Story

Revamped notifications and widgets coming to iOS 5?

Next Story

HP expands voluntary battery recall for laptops bought July 2007 to May 2008

27 Comments

View more comments

Skyfrog said,
Why are databases like these connected to the internet?

usually they are technically not connected to the internet. they are in an intranet network via vpns. but if you can get access to a computer and get into their vpn servers you can grab everything. (that's just one way they can do it)

and this is ****ty cause i have a honda that registered with honda canada...

Skyfrog said,
Why are databases like these connected to the internet?

Because it was a part of a website that the customers registered on.

The database that was compromised was used in a program in 2009 that had users to register their vehicle with the myHonda website.

Article said,
Sony Corporation had their PlayStation Network hacked, with millions of gamers details and even credit card numbers stolen.

Slightly off topic but hasn't Sony stated that there's no evidence of any credit card theft:

Sony CEO of America said,
To date, there is no confirmed evidence any credit card or personal information has been misused, and we continue to monitor the situation closely.

EDIT: bah, meant to make a new post not reply...oh well...

jrolson said,
Can we stop all this hacking? It's getting old now...

+1! This is BS! Lockheed Martin was hacked too! I am at a loss for words as to how these companies can be this vulnerable still when Microsoft pushed for them to upgrade security ages ago (like, oh I don't know......in the days of XP SP2!!!). Nobody listens until it is too late. It is all about the almighty dollar. One question for these companies: Is the saved money worth it now? lol

winlonghorn said,

Lockheed Martin was hacked too!

Yeah, and now our network is insanely locked down. It's not even funny...even our blackberries are encrypted now. I'm not going to say anymore though.

jrolson said,
Can we stop all this hacking? It's getting old now...

Yeah, this is getting ridiculous. There will be a point where governments will have to take extreme measures and create new laws because this can be a serious threat

daniel_rh said,

Yeah, this is getting ridiculous. There will be a point where governments will have to take extreme measures and create new laws because this can be a serious threat

Yeah, because laws really always stop bad people from doing their bad things. /s
There won't be a point when people take their heads out of their butt puckers, though. And that is the most serious threat, actually.

How long before hacking is linked a 5 year jail term or something? At this rate, law makers will be pressured to do so by people who are more important to their financial well being (AKA giant corporations). And at this rate, I won't be too fussed if punishment is disproportional to the crime.

It is quite sad however, at the lack of security. But what is also sad is the increase of hacker activity in recent days.

That's what you get for absolutely dismissive attitude to security. I expect this.hacking wave to persist. And I find that it's well deserved for arrogance, carelessness and flamboyant, deliberate misuse of technology.

cralias said,
That's what you get for absolutely dismissive attitude to security. I expect this.hacking wave to persist. And I find that it's well deserved for arrogance, carelessness and flamboyant, deliberate misuse of technology.
deliberate misuse of technology? I thought that goes to the hackers instead?

tanjiajun_34 said,
deliberate misuse of technology? I thought that goes to the hackers instead?

If they're black hats then yes. Otherwise, IMO, ignoring security is easily equivalent to misuse. If you ride a broken lawn mower in a go kart competition, that's misuse. Having a broken website is something alike.
Also, I'd hope that these series of hackings would serve as a precedent to do major security checks and system audits. Oh, a man can dream...

What the?

This is getting ridiculous. Why do smaller companies have far better security than these companies with more money? My small company does not compromise on security and our servers get on average 700 hack *attempts* everyday - all of them unsuccessful. It's shameful to see people like Honda and Sony not invest in security at all.

Can someone make me a list of all these prominent site's that have been over the past few months.

Brian Miller said,
What the?

This is getting ridiculous. Why do smaller companies have far better security than these companies with more money? My small company does not compromise on security and our servers get on average 700 hack *attempts* everyday - all of them unsuccessful. It's shameful to see people like Honda and Sony not invest in security at all.

Can someone make me a list of all these prominent site's that have been over the past few months.

because it is not easy to upgrade security system in such a HUGE company. smaller company is so much easier to upgrade their software/hardware.

perochan said,

because it is not easy to upgrade security system in such a HUGE company. smaller company is so much easier to upgrade their software/hardware.

That's no excuse. Just saying "oh, we're too big and its too hard to maintain security" is just sad. A bigger company has more resources to devote to security as well and needs to use those resources properly to protect the people who actually make the company big - the customers.

Does it really even matter anymore? My personal info has been stolen so many times over the last couple months that I'm sure everyone in the world already has my name, address, emails, phone numbers, credit card info, bank info, DNA, videos of me using my computer, and everything else.

Seriously, I've gotten nothing but a string of emails from companies apologizing for losing my info (Chase, Sony, Best Buy, HSBC, etc, etc, etc).

Soldiers33 said,
i think its time for me to remove my credit card details from some sites.

Unfortunatly. It seems some sites don't actually remove details when you ask them to, they archive them or keep them on site for 60days or what ever. Don't trust a site to actually remove your details, I think enough people have trusted them in the first place to keep your details secure and safe with correct updates on the servers etc... look where that got them

Omen1393 said,
I'm glad I'm majoring in networking and information security

Not really, It'll just be your ass on the line when someone gets hacked

This is ridiculous. Everyone who has their information stolen should be able to sue. Companies are not taking enough precautions. maybe a little financial incentive is required.

That is what companies get for using 1997 database technologies and do not update because it will be expensive. If you are running new technologies this can still happen, but while looking at some IT jobs around here they are using such old technology that is no longer supported and probably has some security issues that new versions do not.

Commenting is disabled on this article.