A yet to be identified company has left a database containing over 10 million Vehicle Identification Numbers (VINs) exposed online with no authentication. This means that anyone who knows what to look for can mass-scan the Internet and download loads of sensitive information without any restriction. The company’s experts believe the database’s database was compiled for marketing purposes. VINs could be used in mass car cloning operation, such as those stolen from stolen cars as legitimate as legitimate ones. The most sought-after information exposed in the database is the VIN.
Source: https://www.bleepingcomputer.com/news/security/car-thieves-everywhere-rejoice-as-unsecured-database-exposes-10-million-car-vins/