In an undated notice on its website, Honda Canada said that the data breach “involved the unauthorized access of information as held in our records in 2009, specifically name, address, vehicle identification number (VIN), and in a small number of cases, Honda Financial Services account numbers.”
The notice did not disclose the number of people affected, but the Toronto Star reported that 283,000 Honda Canada customers were involved, citing Jerry Chenkin, executive vice president and chief compliance officer at Honda Canada.
In a May 13 letter to affected vehicle owners obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including “some unauthorized attempts to access account information.”
Honda stressed that the data did not include birth dates, telephone numbers, email addresses, credit card numbers, bank account numbers, driver’s license numbers, or social insurance numbers.
The company said it was in the process of notifying affected customers. It explained that, though the breach took place in 2009, it was just now notifying customers because the unauthorized access took place recently. “Upon detection, immediate action was taken to prevent further unauthorized access”, the company added.
The Canadian Privacy Commissioner, as well as provincial privacy commissioners, have been notified about the breach, the company said.
“Honda sincerely apologizes for this incident and we are working diligently to protect your information and improve our data security procedures”, the company added.