UpGuard

The UpGuard Cyber Risk team disclosed that sensitive documents for over a hundred manufacturing companies were exposed on a publicly accessible server belonging to Level One Robotics.

Among the companies with data exposed in the incident are divisions of VW, Chrysler, Ford, Toyota, GM, Tesla and ThyssenKrupp.

The 157 gigabytes of exposed data include over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements, detailing the sensitivity of the exposed information.

Not all types of information were discovered for all customers, but each customer contained some data of these kinds.

It also included personal details of some Level One employees, including scans of driver’s licenses and passports, and Level One business data, including invoices, contracts, and bank account details.

Source: https://www.upguard.com/breaches/short-circuit-how-a-robotics-vendor-exposed-confidential-data-for-major-manufacturing-companies

"id": "UPG12291122",
"linkid": "upguard",
"type": "Data Leak",
"date": "07/2018",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"