UPDATED 22:17 EST / JULY 31 2019

SECURITY

134M documents found exposed on unsecured Honda Elasticsearch database

An Elasticsearch database with more than 134 million records belonging to car maker Honda Motor Co. was discovered unsecured online by a security researcher earlier this month in yet another case of a company failing to secure its cloud-hosted data properly.

Discovered by researcher Justin Paine and detailed on Rainbowtabl.es today, the database was found through a search on the Shodan security search engine on July 4. The Elasticsearch database contained approximately 134 million documents totaling 40 gigabytes of data going back to March 13 this year. The documents primarily consisted of internal systems data.

“The data contained within this database was related to the internal network and computers of Honda Motor Company,” Paine said. “The information available in the database appeared to be something like an inventory of all Honda internal machines. This included information such as machine hostname, MAC address, internal IP, operating system version, which patches had been applied and the status of Honda’s endpoint security software.”

While the database did include employee information such as names, emails and each employee’s last login, it was the security data in the database that was the biggest cause for concern, according to Paine. In one file, 3,000 data points were stored in a table labeled “uncontrolledmachine,” which is presumed to be a reference to computers on Honda’s network that are not using endpoint security software.

“If an attacker is looking for a way into Honda’s network knowing which machines are far less likely to identify/block their attacks would be critical information,” Paine explained. “These ‘uncontrolled machines’ could very easily be the open door into the entire network.”

Some of the employee data was more notable than the rest, however. One dataset included Honda Chief Executive Officer Takahiro Hachigo’s full email, account name, employee ID and last login date, as well as device data such as MAC address, patching history, OS version, endpoint security status, IP address and device type. According to Paine, that data in the wrong hands could have easily allowed hackers to target Hachigo.

The only good news in the story is that, upon being informed of the exposed database, Honda acted the same day to secure it. Officially, Honda said it had checked the system’s access logs and found no signs of data download by any third parties, meaning that it wasn’t stolen by bad actors. But the case once again highlights the often poor state of cloud security.

