Share this article on:
A threat actor claims to have exfiltrated over 3 million records from Japanese car manufacturing giant Honda.
In a post to a popular hacking forum, a threat actor by the name of “Empire” claimed that in March 2025, they breached the network of the Indian branch of Honda, exfiltrating 3,176,968 records.
“Today, I am selling the Honda I-bap (Honda Cars India Ltd) data breach. Thanks for reading and enjoy,” said the threat actor.
According to the listing, there is a wide range of data types within the exfiltrated data, including customer names, billing addresses, dealer names and addresses, phone numbers, finance periods, number of models owned, purchase date, dealer names, age, marriage details, marketing cloud information and much more.
Empire also posted a sample of the allegedly stolen data; however, many of the data type fields have been left empty. Cyber Daily has also been unable to verify the authenticity of the data.
The alleged Honda data has been listed for sale for US$1,500.
The incident follows another alleged breach of a car manufacturer just last week when a threat actor claimed to have data belonging to Jaguar Land Rover.
The two British car brands, which are now a joint subsidiary of Indian company Tata Motors, were listed on the same popular hacking forum by a user called “Rey”, who claimed the company had suffered a data breach.
“In March 2025, Jaguar Land Rover – a renowned global automotive brand with reported revenue of $29.9 billion – suffered a major data breach,” said Rey.
“The leak includes around 700 internal documents (development logs, tracking data, source codes, etc.) and a compromised employees dataset exposing sensitive information such as username, email, display name, time zone, and more.”
Within the listing, Rey posted a sample of the data, which included specific alleged employee records. While Cyber Daily cannot confirm the legitimacy of the data, some of the names listed are of real Jaguar Land Rover employees.
The time zones, however, indicate that the alleged breach has affected employees all over the world rather than just regional operations.
Arguably, the most concerning data allegedly stolen is the tracking data. This information could be used by a threat actor to find individual customers or could be sold to groups who intend to do the same thing.
Source code could also prove problematic for the company, allowing threat actors to leak intellectual property or use cloud access keys or passwords to access more information.
Cyber Daily has reached out to Jaguar Land Rover for more information.