Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Exclusive: Threat actor advertises over 3m Honda records for sale

A threat actor claims to have exfiltrated over 3 million records from Japanese car manufacturing giant Honda.

user icon Daniel Croft
Mon, 17 Mar 2025
Exclusive: Threat actor advertises over 3m Honda records for sale
expand image

In a post to a popular hacking forum, a threat actor by the name of “Empire” claimed that in March 2025, they breached the network of the Indian branch of Honda, exfiltrating 3,176,968 records.

“Today, I am selling the Honda I-bap (Honda Cars India Ltd) data breach. Thanks for reading and enjoy,” said the threat actor.

According to the listing, there is a wide range of data types within the exfiltrated data, including customer names, billing addresses, dealer names and addresses, phone numbers, finance periods, number of models owned, purchase date, dealer names, age, marriage details, marketing cloud information and much more.

Empire also posted a sample of the allegedly stolen data; however, many of the data type fields have been left empty. Cyber Daily has also been unable to verify the authenticity of the data.

The alleged Honda data has been listed for sale for US$1,500.

The incident follows another alleged breach of a car manufacturer just last week when a threat actor claimed to have data belonging to Jaguar Land Rover.

The two British car brands, which are now a joint subsidiary of Indian company Tata Motors, were listed on the same popular hacking forum by a user called “Rey”, who claimed the company had suffered a data breach.

“In March 2025, Jaguar Land Rover – a renowned global automotive brand with reported revenue of $29.9 billion – suffered a major data breach,” said Rey.

“The leak includes around 700 internal documents (development logs, tracking data, source codes, etc.) and a compromised employees dataset exposing sensitive information such as username, email, display name, time zone, and more.”

Within the listing, Rey posted a sample of the data, which included specific alleged employee records. While Cyber Daily cannot confirm the legitimacy of the data, some of the names listed are of real Jaguar Land Rover employees.

The time zones, however, indicate that the alleged breach has affected employees all over the world rather than just regional operations.

Arguably, the most concerning data allegedly stolen is the tracking data. This information could be used by a threat actor to find individual customers or could be sold to groups who intend to do the same thing.

Source code could also prove problematic for the company, allowing threat actors to leak intellectual property or use cloud access keys or passwords to access more information.

Cyber Daily has reached out to Jaguar Land Rover for more information.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.