An exposed database at automotive giant Honda allowed anyone to see which systems on its network were vulnerable to unpatched security flaws, potentially giving hackers insider knowledge of the company’s weak points.
The server contained 134 million rows of employee systems data from the company’s endpoint security service, containing technical details of each computer and device connected to the internal network.
There was no password on the database, allowing anyone to access and read the data.
The data included which operating system a user was running, its unique network identifiers and IP address, the status of the endpoint protection, and which patches were installed. That could allow an attacker to figure out which systems are at risk of certain vulnerabilities, or tailor attacks towards machines