The company hasn’t yet disclosed details on how the company’s systems were breached, or when the data was accessed.
A Honda spokesman in Canada did not immediately respond to a request for information about the breach.
An undated alert posted on the company’s Web site warned users of “unauthorized access of some customer data,” including customer names, addresses, Vehicle Identification Numbers, and in the case of a small number of customers, Honda Financial Services account numbers.
The breach involved data that was on a mailing list used by Honda in 2009 for a marketing program.
“The mailings all took place in 2009, however; the unauthorized access took place recently,” the company claimed in its alert. “Upon detection, immediate action was taken to prevent further unauthorized access.”
The data that was exposed is unlikely to result in identity theft because it did not include details such as Social Security numbers, driver’s license information, birth dates, phone numbers and credit card numbers, Honda claimed in its notice.
The note warned affected customers to be on the lookout for phishing campaigns referencing their ownership of a Honda vehicle. But for the moment at least, customers do not have to take any measure to protect themselves, the company said.
News of the breach was first reported by DataBreaches.net .
In its alert, Honda claimed that it is “working diligently” to ensure that a similar breach does not happen in future. The company said it has also notified Canada’s federal and provincial privacy commissioners about the breach.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan , or subscribe to Jaikumar’s RSS feed . His e-mail address is firstname.lastname@example.org .