P2011-ND-020

Honda Canada Inc. and Honda Canada Finance Inc.

In 2009, the Organization sent letters inviting its customers to register in a web portal which would allow online access to various vehicle information. The invitation letters included a Personalized URL, or ?PURL?. The PURL registration pre-filled certain customer information. On March 2, 2011, the Organization noted an activity report showed an unusual volume of requests from a single IP address (the ?Anomaly IP?) between February 12 ? 23, 2011. On investigation, the Organization discovered 26,632 PURLS had been accessed. The Organizaton could not determine exactly how the breach occurred. It remains possible that its customer database was accessed.

File Type: pdf
Categories: 2011
Tags: Unauthorized access