Honda US cops to vast data snaffle from marketing firm
What comes of trusting PRs
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Honda US has written to customers following a data breach that led to the exposure of million of customer records.
Hackers made off with a database containing names, email addresses, and Vehicle Identification Numbers (the unique ID for cars) of 2.2 million Honda customers following an attack on an unnamed third-party marketing outfit. The breach creates a mechanism for miscreants to distribute convincing phishing emails, perhaps posing as "special offers", and designed to hoodwink victims into disclosing more sensitive private information.
Honda has contacted affected customers to warn them of the risk, as well as publishing an FAQ on the breach. Criminal hackers also swiped a list containing email address records of 2.7 million drivers of Honda's luxury Acura car. Vehicle information was not attached to that list, a factor that means it only poses a lesser risk, mainly from the possibility of increased spamming against exposed email accounts.
Net security firm Sophos notes that the incident illustrates how the security reputation of household brands can be damaged by security faux-pas from its partners. "It may not be your company who is directly hacked, but it can still be your customers' data that ends up exposed, and your brand name that is tarnished," Sophos notes.
"You don't just need to ensure that you are taking enough care about the security and protection of the private customer data you store - you also need your partners and third-party vendors to follow equally stringent best practices." ®
COMMENTS
@Billy Bob Gascan
If you remember this is a British site, then checking with a proper dictionary might help: http://oxforddictionaries.com/view/entry/m_en_gb0785210#m_en_gb0785210
Just continue hitting that bong.
"you also need your partners and third-party vendors to follow equally stringent best practices"
Sod that.
I you find someone willing to pay for the partner following "stringent best practices", wake me up.
Offers costing more than a lunch for five at Pizza Hut are generally immediately deep-sixed. Except if you are one of the Big Brands and have A Man Inside. Then you can actually add a 0 or two on the right side.
WTF?
Why did Honda allow a third party access to that kind of data? The mind boggles. Seems that the toy robot building global monstrosity is actually breeding muppets ...

IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider