Ricoh Australia

Banks, governmental organisations, universities, and many other significant corporations have been informed by Ricoh's Australia office about an odd data breach that, in certain cases, exposed login information for its multifunction devices.

The most private records that have been made public are those from Commonwealth Bank.

They contain SMTP credentials for Ricoh's MP C6503 and MP 8003 machines, which are used by the banks, as well as two sets of administrator credentials, one "supervisor" account, and two sets of SMTP credentials.

Since then, Ricoh has removed the documents' storage domain from the internet.

Source: https://www.govinfosecurity.com/ricoh-australia-scrambles-to-fix-document-leak-a-10123

"id": "RIC175241022",
"linkid": "ricoh-australia",
"type": "Breach",
"date": "07/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"