Data Breach Exposes Trade Secrets of Carmakers GM, Ford, Tesla, Toyota
The Security Researchers from UpGuard Cyber Risk has reported on Friday that the sensitive documents from more than over 100 manufacturing companies, which do includes the GM, Fiat Chrysler, Ford, Tesla, Toyota, ThyssenKrupp, and VW were exposed on the publicly accessible server belonging to level One Robotics.
The exposure comes from Level One Robotics, which do provides the industrial automation services, which came through the rsync, a common file transfer protocol which is used to backup the large data sets, according to the UpGuard Cyber Risk. This data breach was at very first reported by the New York Times.
According to the security researchers, the restrictions were not applied on the rsync server. However, this means that any of the rsync client were able to get connected to the rsync port and had the complete access to get over that data and download them.
UpGuard Cyber Risk has published its account of how it discovered the data breach to show how a company within supply chain can affect the large companies with seemingly tight security protocols.
This exactly means that if someone knew where to look they could easily access the trade secrets closely which is protected by the automakers.
UpGuard’s big takeaway in this case: rsync instances that should be restricted by the IP address. The UpGuard researchers have also suggested that the user access to rsync should be set up so that the clients have to authenticate before even receiving the dataset. Without this, rsync is of course publicly accessible, researchers said.
This data breach has exposed over 157 GigaBytes data— a treasure of over 10 years of assembly line schematics, factory floot plans and the layouts, robotics configuration and documentation, ID badge request forms, VPN access request forms. This data breach does included the very sensitive non-disclose agreements, which is included one from Tesla.
Personal details of some Level One Employees, including the scans of the driver’s license and the passports, and the Level One business data, including the invoices, contracts, and bank account details.
The security researchers have discovered the breach on July 1st. The company has successfully reached the Level One by the July 9th and the exposure was closed by the following day.
Jahanzaib Khan, thank you ever so for you post.Much thanks again.