Friday, December 6, 2024
HomeData Breach157 GB of Sensitive Data From Top Manufacturer Including Ford, Toyota, GM,...

157 GB of Sensitive Data From Top Manufacturer Including Ford, Toyota, GM, Tesla Exposed Online

Published on

SIEM as a Service

Sensitive data of more than hundred equipment manufacturers companies exposed online. The exposed data belongs to the manufacturing giants that includes VW, Chrysler, Ford, Toyota, GM, Tesla, and ThyssenKrupp.

UpGuard Cyber Risk team discovered the publically exposed data that includes over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements, detailing the sensitivity of the exposed information.

The data exposed as the companies failed to restrict the rsync server by IP or user and the data is available in public for any rsync client.

Upguard team identified the exposed data on July 1st, 2018 and the issue reported to Tier 1 automotive suppliers on July 9th and the exposure was taken down by July 10th.

- Advertisement - SIEM as a Service

The exposed data contains Customer data contact details such as name, ID badges, VPN credentials and title of client employees. Employees data such as scans of passports, driver’s licenses, and other identification.

manufacturers companies exposed

Also, it includes corporate data such as invoices, prices, scopes of work, customers, projects, and the common business documents. It is unclear if someone has access to the database other than Upguard.

“The supply chain has become the weakest part of enterprise data privacy. Companies that spend many millions a year on cybersecurity can still be exposed by a vendor who handles their data,” says Upguard.

Also Read

Thousands of US Voters Personal Data Leaked Online Again

LabCorp Security Breach Puts Millions of Patient Records at Risk

Web Hosting Company Domainfactory Hacked – Customers Sensitive Personal Data Leaked

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...

Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials

Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Researchers Detailed New Exfiltration Techniques Used By Ransomware Groups

Ransomware groups and state-sponsored actors increasingly exploit data exfiltration to maximize extortion and intelligence...

Massive Credit Card Leak, Database of 1,221,551 Cards Circulating on Dark Web

A massive data breach has sent shockwaves across the globe, as a database containing...