OMIS 5110 - Honda Data Breach
Get flash to fully experience Pearltrees
Another day, another hack. Apple, Sony, Citigroup, and Lockheed Martin are just some of the big-name companies afflicted by recent cyber-security breaches. Canada has not been spared. Beyond the attacks on the federal Treasury and Finance Departments and the Conservative Party of Canada, Sony, Husky Energy, and Honda have all had Canadian branches or units compromised in recent hacks.
While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada. Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company’s eCommerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February. In a letter to affected vehicle owners dated May 13 and obtained by the Toronto Star, Honda Canada said it was alerted by unusual volume on the sites, including “some unauthorized attempts to access account information.” The letter said financial information was not compromised. Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police.
A DataBreaches.net reader alerted me that Honda Canada has been notifying some customers of a breach. According to a May 13th letter he received ( French version, pdf ), a breach involving unauthorized access of the My Honda (myhonda.honda.ca) and My Acura (myacura.acura.ca) web sites was detected in March 2011 and affected customers who were on certain mail lists in 2009. Customers’ names, addresses, and vehicle identification numbers were involved.
A data breach that potentially impacted 280,000 Honda Canada Inc. customers could have been dealt with more effectively by the automaker, according to a pair of security experts. The automaker posted an alert on its Web site this week revealing a data breach involving the authorized access of customer names, addresses, vehicle ID numbers and Honda Financial Services account numbers. The breach has impacted customers of both the Honda and Acura brands. The information accessed in the breach was related to a 2009 membership program called MyHonda and MyAcura. These customer-facing sites allowed customers to sign up for benefits such as vehicle-specific information, new warranty and maintenance news, and exclusive product information.
Automaker warns of
Computerworld - Honda Canada has notified about 280,000 customers in that country of a data breach involving the compromise of their personal data. The breach was discovered in late February. However the company only began notifying customers of the compromise earlier this month. An undated alert posted on the company's website said the incident involved the unauthorized access of customer names, addresses, vehicle identification numbers and, in the case of a small number of customers, their Honda Financial Services account numbers. Jerry Chenkin, executive vice president of Honda Canada, said Thursday the reason for the delay was that the company needed time to figure out the scope of the breach before it could begin notifying customers. According to Chenkin, unknown intruders breached a Web server that allows Honda and Acura customers in Canada to set up personal MyHonda and MyAcura websites.
To our valued Honda customers: Honda Canada Inc. has notified a limited number of affected customers of the possible unauthorized access to their information. This information included name, address, Vehicle Identification Number, and in some cases, Honda Financial Services Account number, telephone number and e-mail address. The affected customers were notified by mail in May 2011, June 2011, and August 2011.