[BreachExchange] Massive 40GB Honda data breach described as ‘a hacker’s dream’

Destry Winant destry at riskbasedsecurity.com
Fri Aug 2 10:00:33 EDT 2019


Honda has accidentally exposed much of its corporate secrets and
private employee information, amounting to 40GB of data.

On the eve of releasing its financial earnings for the past quarter,
Honda created a situation described by one security researcher as “a
hacker’s dream”. According to Verdict, 40GB of critical company data –
amounting to 134m rows of system data – was stored on an unsecured
Elasticsearch database.

This meant that anyone who knew where to look could have come across
the company’s most sensitive data, not only including information
about the company’s security systems and networks, but also technical
data on all of its IP addresses, operating systems and what patches
they had.

In effect, it gave hackers of even the lowest skill the map and
details needed to potentially engage in a massive cyberattack against
the company, including personal attacks against its employees.

Speaking with Verdict, Igor Baikalov, chief scientist at the
cybersecurity firm Securonix, described the situation Honda created
for itself as “a hacker’s dream, a treasure trove of the most
sought-after information”, adding that “whoever has it, can own
Honda’s network”.

It isn’t known whether the information exposed in the breach has been
accessed any individuals or groups, but the nature of the breach
leaves it possible for a devastating attack to come further down the

Honda hasn’t said what error led to the breach, but security awareness
advocate Javvad Malik of KnowBe4 had one suggestion.

“It’s likely that there was an oversight on behalf of an
administrator, which exposed the database publicly,” he said.

“This is why it’s important to gain assurance that all systems are
protected as required and that staff have been given the right level
of security training to know what to look out for and what baseline
standards are.

“Robust policy and user training may have helped to reduce the
likelihood of this data exposure – technology would have, potentially,
alerted Honda to the issue and allowed them to remediate.”

More information about the BreachExchange mailing list