While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada.
The Hacker News

Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company's e-commerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February.

In a letter to affected vehicle owners dated May 13 and obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including "some unauthorized attempts to access account information." The letter said financial information was not compromised.

Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police. Perpetrators have not been identified and no group has claimed responsibility.

The letter warns of "possible improper access of information," but said customers are not at risk for fraud and identity theft. Chenkin said federal and provincial privacy commissions were notified and customers were warned of the breach "as soon as possible."

A spokeswoman for the federal privacy commissioner said the office has received inquiries from Honda customers about the breach "and over concern about the timing" (of the notification), adding that the office is looking at the issue and is in discussions with Honda Canada.

The letter said customers should be on the alert for marketing overtures that reference ownership of a Honda or Acura vehicles.

Chenkin said data was breached in personal addresses or web URLs assigned to customers using the sites, adding that the addresses were shut down immediately after the breach was detected.

He said Honda believed the records contained in a 2009 database were destroyed by a vendor that handled the project. "Apparently, they were not."

Birthdates, telephone numbers, email addresses, credit card numbers, bank accounts and information on Honda financial services transactions were not taken, he added.

The concern is that affected customers, especially those on the list with the VINs, may be targeted for some kind of "phishing" attack from someone pretending to be a local Honda dealer who correctly identifies the recently purchased vehicle and requests more personal information to trigger "special offers."

Online security experts said the information can ultimately be used to steal identities.

Honda late last year warned more than two million of its customers in the U.S. that an email database containing some of their personal information had been stolen.

The list contained names, login identities, email addresses and vehicle identification numbers of the Honda owners, while another list containing only the email addresses of nearly three million Acura owners was also taken.

Chenkin said Honda responded to the U.S. breaches with an audit of its online security practices and its web vendors.

The Honda incidents highlight the growing threat to online databases.

Sony, which Thursday forecast a return to profit for this fiscal year after sinking into its third straight year of red ink, has been hammered by the costs of massive online security breaches.

The breaches affected more than 100 million online accounts, and Sony was forced to close down its online gaming services last month.

Breaches have also been reported in Germany and at a Sony Ericsson joint venture e-commerce site in Canada first reported by the Star on Wednesday. Online "hacktivists" upset with Sony's hard line on copyright issues have claimed responsibility for the attack in Canada.

Sony is expecting costs related to its online security woes of 14 billion yen ($173 million U.S.), covering customer support, freebie packages, legal costs, lower sales and measures to beef up security.

It has said it has not confirmed any misuse of the possibly stolen personal information

Sony, meanwhile, said it expects an 80 billion yen ($975.6 million U.S.) profit for the current fiscal year, as sales recover in flat-panel TVs, games, personal computers and network services.

Sony chalked up a 259.6 billion yen loss for the fiscal year ended March 2011, the company's biggest net loss in 16 years.

Sony has been battling production delays and sales losses after supplier factories were damaged by the quake and tsunami in Japan this year.

TOKYO—Sony forecast a return to profit for this fiscal year after sinking into its third straight year of red ink, hammered by the costs of massive online security breaches and the damage from a March quake and tsunami in northeastern Japan.

Tokyo-based Sony Corp. said Thursday it expects an 80 billion yen ($975.6 million, dollar figures U.S.) profit for the current fiscal year, as sales recover in flat-panel TVs, games, personal computers and network services.

Sony chalked up a 259.6 billion yen ($3.2 billion) loss for the fiscal year ended March 2011, the company's biggest net loss in 16 years.

Sony's latest red ink is worse than the 40.8 billion yen loss racked up the previous year, and the 98.9 billion yen loss for the year before that.

Sony said it hopes to boost sales for the fiscal year through March 2012 by 4.4 per cent to 7.5 trillion yen ($91.5 billion).

The losses recall another difficult period in Sony's history, when its bottom line was battered in 1995 by the disastrous results of its movie operations, which followed Sony's $3.4 billion purchase of Hollywood studio Columbia Pictures in 1989.

Sony, which makes the PlayStation game console and Bravia liquid-crystal display TVs, has been battling production delays and sales losses after supplier factories were damaged by the quake and tsunami.

It lowered its earnings projection earlier this week, citing a charge it must take related to damages from the disaster. It had initially expected to return to profit.

Sony also faces a new kind of challenge to its reputation after acknowledging a massive security breach affecting more than 100 million online accounts, and was forced to close down its online gaming services last month.

Sony is expecting costs related to its online security woes of 14 billion yen ($173 million), covering customer support, freebie packages, legal costs, lower sales and measures to beef up security.

It has said it has not confirmed any misuse of the possibly stolen personal information, but more security problems have popped up in recent weeks, including services in Greece and Canada.

For the January-March quarter, Sony's red ink ballooned to 388.8 billion yen ($4.7 billion) in losses from a 56.6 billion yen loss for the same period the previous year. Quarterly sales dropped 7.8 per cent to 1.58 trillion yen ($19.3 billion).

Sony has stayed in the red in its core TV business for seven years straight. A strong yen, which erodes the value of overseas sales, and a decline in prices were behind the damage, despite selling more TVs, according to Sony.

Sony stock gained 0.1 per cent to 2,238 yen ($27) in Tokyo, shortly before earnings were announced.

Source

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.