Organizations across the world constantly face the challenge of ensuring security of customer and business information. While customer data breach puts organizational reputation at risk, breach of business information may adversely affect organizations competitiveness. Recently, American Honda Motor Co., one of the leading automobile manufacturers, reported breach of customer records of around 4.9 million customers. The data compromised includes names, e-mail addresses, user names and vehicle identification numbers of around 2.2 million Honda owners. E-mail addresses of around 2.7 million Acura owners were also compromised.
Hackers reportedly breached the systems of Atlanta-based e-mail service provider – Silverpop Systems. Silverpop Systems provides services to over 100 clients. Honda’ warning follows a similar warning issued by McDonalds, Walgreens and deviantArt. In this case, law enforcement authorities are investigating the case. Usually, professionals who have undertaken computer forensic training are hired to trace the culprits. These experts examine, collect, collate and analyze data and trace evidence against the perpetrators of crime. However, a large number of cases remain unresolved due to lack of evidence. Cybercriminals can be traced and prosecuted if the targeted organization has legally admissible evidence against them. Therefore, the affected computer systems must be protected from tampering and manipulation. Organizations may encourage employees in the IT department to improve their awareness on computer crime investigation by enrolling into computer forensics courses.
Honda has sent e-mails to all affected customers. The company has also issued an advisory on password creation and maintenance. Customers must be wary of reply to e-mails asking for personal information and authentication details. Often, cybercriminals send cleverly crafted fake e-mails, which seem to have come from a legitimate company. Customer may verify the authenticity of the email by contacting the customer relations personnel of a company by phone. Internet users must desist from reply to suspicious e-mails and e-mails from unknown persons. Cybercriminals are constantly improvising their attack techniques. As such, organizations must have an incident handling team to ensure proper collection of evidence. Incident handling team members may be guided through computer forensics online training programs to ensure proper collection of evidence and adherence to all procedures.