Royal Enfield

In January 2020 the Indian motorcycle manufacturer Royal Enfield was involved in a significant data security incident. A misconfigured server left a database publicly accessible on the internet without password protection. This exposure allowed unauthorized access to sensitive information belonging to over 450000 customers. The leaked data contained personal details including full names and contact information alongside account credentials. Security researchers identified the open server which also contained internal technical logs and customer purchase history before it was secured by the company.