Honda, Acura customer data stolen in third-party breach

The last couple months of this year are starting to look like Breachfest 2010, and a new report in The Columbus Dispatch indicates that the latest victims are registered owners of Honda and Acura vehicles. As was the case with the McDonald's incident, it wasn't Honda or Acura specifically that was attacked -- but rather a third-party company who handled a customer email database.

In addition to the usual information like names and email addresses, the data also contained customer VINs (vehicle identification numbers). Armed with a VIN, it could be possible for a thief to obtain duplicate keys -- which is obviously very, very bad. It's more likely, however, that the data will be used to carry out phishing attacks. Armed with knowledge of the customers' vehicles, the phisher could pose as a Honda representative in an attempt to trick users into running a malicious attachment.

Honda has already reached out to all those affected -- some 2.2 million people. The company has also added a new section to its FAQ, which you can read here.

Tags: acura, breach, customer, data, database, email, hack, honda, information, security, stolen, theft, vin