Wednesday, September 18, 2024
HomeData Breach157 GB of Sensitive Data From Top Manufacturer Including Ford, Toyota, GM,...

157 GB of Sensitive Data From Top Manufacturer Including Ford, Toyota, GM, Tesla Exposed Online

Published on

Sensitive data of more than hundred equipment manufacturers companies exposed online. The exposed data belongs to the manufacturing giants that includes VW, Chrysler, Ford, Toyota, GM, Tesla, and ThyssenKrupp.

UpGuard Cyber Risk team discovered the publically exposed data that includes over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements, detailing the sensitivity of the exposed information.

The data exposed as the companies failed to restrict the rsync server by IP or user and the data is available in public for any rsync client.

Upguard team identified the exposed data on July 1st, 2018 and the issue reported to Tier 1 automotive suppliers on July 9th and the exposure was taken down by July 10th.

- Advertisement - EHA

The exposed data contains Customer data contact details such as name, ID badges, VPN credentials and title of client employees. Employees data such as scans of passports, driver’s licenses, and other identification.

manufacturers companies exposed

Also, it includes corporate data such as invoices, prices, scopes of work, customers, projects, and the common business documents. It is unclear if someone has access to the database other than Upguard.

“The supply chain has become the weakest part of enterprise data privacy. Companies that spend many millions a year on cybersecurity can still be exposed by a vendor who handles their data,” says Upguard.

Also Read

Thousands of US Voters Personal Data Leaked Online Again

LabCorp Security Breach Puts Millions of Patient Records at Risk

Web Hosting Company Domainfactory Hacked – Customers Sensitive Personal Data Leaked

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN...

Microsoft Windows Kernel Vulnerability Exploited in the Wild

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in...

Discord Announces End-to-End Encryption for Audio & Video Chats

Discord has introduced end-to-end encryption (E2EE) for audio and video chats.Known as the...

Threat Actor Allegedly Selling Bharat Petroleum Database

A threat actor has allegedly put up for sale a database belonging to Bharat...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Threat Actor Allegedly Selling Bharat Petroleum Database

A threat actor has allegedly put up for sale a database belonging to Bharat...

Fortinet Confirms Data Breach Following Hacker’s Claim of 440GB Data Theft

Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud...

New Android Spyware As TV Streaming App Steals Sensitive Data From Devices

Recent research has revealed a new Android malware targeting mnemonic keys, a crucial component...