Unprotected Database Exposes Details of Honda's Internal Network

An unprotected, internet-accessible ElasticSearch database exposed 134 million rows of sensitive data from Honda Motor Company, containing technical details on employee computers, including that of its CEO, Cloudflare security researcher Justin Paine reveals.


One of the largest automobile manufacturers in the world, Honda has offices around the globe, including in Japan, the United States, the U.K., Mexico, and elsewhere.


The insecure database was apparently made publicly accessible on July 1 and the security researcher discovered it on July 4 via Shodan. Honda promptly secured the database after being alerted by the researcher.


According to Paine, the information within the exposed database included data related to the internal network and computers of Honda. Specifically, the database appeared to be an inventory of all Honda internal computers. 


The exposed data included machine hostname, MAC address, internal IP, operating system version, installed patches, and the status of Honda's endpoint security software, Paine reveals.


Within the database, the security researcher found around 134 million documents, amounting to around 40GB and covering around 3.5 months' worth of data (the information went as far back as March 13, 2019). According to the researcher, roughly 40,000 data points were being added to the database every day.


Due to its nature, the exposed information could allow an attacker to discover weaknesses within Honda’s internal network, given that it included specific details on the security vendor used and the patch level on each system. Even machines without endpoint security software installed were listed there, Paine reveals.


In addition to machine-related information, the database also included employee data in one of its tables. Specifically, the researcher found information there such as employee email address, employee name, department, last login, employee number, account name, and a mobile field ..
