Automotive giant Honda exposed 26,000 vehicle owner records containing PII of North American customers after misconfiguring an Elasticsearch cluster on October 21, 2019. The records included the customers’ full names, email addresses, phone numbers, mailing addresses, mailing address, vehicle make and model, vehicle VINs, agreement ID, and various service information on their Honda vehicles. Honda’s security team in Japan promptly secured the publicly accessible server within just a few hours after being contacted by Security Discovery researcher Bob Diachenko.
Source: https://www.bleepingcomputer.com/news/security/honda-exposes-26-000-records-of-north-american-customers/