Security Experts:

Connect with us

Hi, what are you looking for?


Data Protection

Data Leak at Robotics Firm Exposes Global Manufacturers

A publicly accessible server belonging to robotics vendor Level One Robotics and Controls, Inc. contained sensitive documents connected to more than one hundred manufacturing companies.

A publicly accessible server belonging to robotics vendor Level One Robotics and Controls, Inc. contained sensitive documents connected to more than one hundred manufacturing companies.

Established in 2000, the engineering service provider offers automation process and assembly for OEM’s, Tier 1 automotive suppliers, and end users, delivering services such as project management, design, integration, debug, and training.

The exposed server was discovered by UpGuard Cyber Risk team earlier this month. It contained 157 gigabytes of data, including documents, schematics, and other information belonging to the provider’s customers and employees.

The exposed data included “over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements,” the security firm reveals.

Specifications and use of the machines, as well as animations of the robots at work, customer contact details, and ID badge request forms were also found on the server.

Level One customers impacted by the data exposure include divisions of VW, Chrysler, Ford, Toyota, GM, Tesla and ThyssenKrupp.

The server also contained data belonging to organization’s employees, such as scans of driver’s licenses and passports and other identification. Level One business data was also exposed, including invoices, prices, contracts, typical business documents, and bank account details (including account and routing numbers, and SWIFT codes).

“The sheer amount of sensitive data and the number of affected businesses illustrate how third and fourth-party supply chain cyber risk can affect even the largest companies,” the security firm notes.

UpGuard says the data was exposed via rsync, the file transfer protocol commonly used for large data transfers. The researchers discovered that access to the server wasn’t restricted by IP or user and that the data was downloadable to any rsync client that connected to the rsync port.

“This is the same type of administrative error we continue to see over and over again both on-premise as well as in the cloud. Until organizations wholly operationalize security into their development lifecycle, we will likely continue to see similar data exposure from non-malicious insiders,” Matt Chiodi
, VP of Cloud Security at RedLock, told
SecurityWeek in an emailed commentary.

Discovered on July 1, 2018, the exposed rsync server was established to belong to Level One several days later. The company was successfully informed on the issue on July 9 and closed the exposure by the next day.

“The fact that this kind of breached happened and data from so many big players was involved goes to show that anyone can be a victim if third parties are not continuously vetted. It is no longer enough for companies to maintain trust through a one-time or annual audit. Big players should demand a transparent and ongoing demonstration of security controls in action,” James Lerud, head of the Behavioral Research Team at Verodin, said in an emailed commentary.

Related: 200 Million Sets of Japanese PII Emerge on Underground Forums

Related: Thousands of Mobile Apps Leak Data from Firebase Databases

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

CommandK announced that it has raised $3 million in a seed funding round for a solution designed to help organizations secure sensitive data.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...