Tens of Thousands of sensitive documents of more than 100 companies were found unprotected on the open server belonging to a small Canadian company, Level One Robotics and Controls.
On July 1, cybersecurity firm Upguard discovered that the data was available for download, access, and could be changed by anyone. The researchers had found out that the malicious actors have modified the documents on direct deposit forms or embedded malware in the company’s servers.
“That was a big red flag,” Chris Vickery, the researcher who found the data. “If you see NDAs, you know right away that you’ve found something that’s not supposed to be publicly available.”
The trove included detailed blueprints and factory line schematics, robotics configurations, client materials, contracts, invoices, work plans and other dozens of trade secrets of automakers like Volkswagen, Toyota, and Tesla.
"The 157 gigabytes of exposed data include over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements, detailing the sensitivity of the exposed information," Upguard blog.
The database also included some personal information about Level One employees such as their passports and driver’s licenses. Mr. Vickery informed the company last week, and the breached database was taken offline within a day.
According to the Upguard blog, the data was exposed via rsync, a common file transfer protocol used to mirror or backup large data sets. The rsync server was not restricted by IP or user, and the data set was downloadable to any rsync client that connected to the rsync port."
The company was successfully able to patch the hole by July 9 and the exposure was closed by the following day.