Thursday, April 17, 2025
HomeData BreachHonda Leaked Over 50,000 Users Personal Information of it's Honda Connect App

Honda Leaked Over 50,000 Users Personal Information of it’s Honda Connect App

Published on

SIEM as a Service

Follow Us on Google News

Honda Car India leaked over 50,000 users Personal information of it’s Honda Connect App which is stored in the publicly unsecured Amazon AWS S3 Buckets.

Experts recently discovered two public unsecured Inside of the AWS Bucket contains an unprotected database which maintained by Honda Connect App.

Honda-Connect is a smartphone app that boasts that it gives the user a sense of security and safety also it gives a variety of futures for its users.

- Advertisement - Google News

Important future of Honda Connect App including  Periodic service alerts, Service Booking/Editing, Feedback System, Nearby Dealer and Fuel pump locator, My Documents (to store important documents for your car), Fuel Log, SoS (a one-click solution to let family and friends know your exact location in an emergency).

Leaked Data From Honda Connect App

Unsecured Amazon AWS S3 Buckets leaked very sensitive personal information such as ed names, phone numbers for both users and their trusted contacts, passwords, gender, email addresses for both users and their trusted contacts, plus information about their cars including VIN, Connect IDs, and more.

This leak has been reported by Security researchers from kromtech, they are not the first one who find this leak but before that security researcher @Random_Robbie (twitter), who left them the following note called poc.txt, which was dated February 28, 2018

Aslo he warned the S3 Bucket users that “If you find POC.txt in your S3 bucket you need to secure it asap!”

Leaked information could be useful for cybercriminals that they will use it for various malicious activities such as access to everything on that phone, but specifically regarding this app when paired with a Connected Device: where someone’s car is currently located, where they went, where they typically drive, how they drive, and where they start and stop.

Also, Phone numbers and Email addresses will be used for launch a very targeted spear phishing attack.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely

A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation,...

Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools

The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ...

CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports...

Agent Tesla Malware Uses Multi-Stage Attacks with PowerShell Scripts

Researchers from Palo Alto Networks have uncovered a series of malicious spam campaigns leveraging...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Hacker Leaks 33,000 Employee Records in Third-Party API Breach

A hacker has exposed the personal records of over 33,000 employees after discovering unrestricted...

Landmark Admin Suffers Major Breach, Exposing Data of 1.6M+ Users

Landmark Admin, LLC (“Landmark”), a Texas-based third-party administrator for life insurance carriers, has confirmed...

Cloud Misconfigurations – A Leading Cause of Data Breaches

Cloud computing has transformed the way organizations operate, offering unprecedented scalability, flexibility, and cost...