Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Data Leak at Robotics Firm Exposes Global Manufacturers

A publicly accessible server belonging to robotics vendor Level One Robotics and Controls, Inc. contained sensitive documents connected to more than one hundred manufacturing companies.

A publicly accessible server belonging to robotics vendor Level One Robotics and Controls, Inc. contained sensitive documents connected to more than one hundred manufacturing companies.

Established in 2000, the engineering service provider offers automation process and assembly for OEM’s, Tier 1 automotive suppliers, and end users, delivering services such as project management, design, integration, debug, and training.

The exposed server was discovered by UpGuard Cyber Risk team earlier this month. It contained 157 gigabytes of data, including documents, schematics, and other information belonging to the provider’s customers and employees.

The exposed data included “over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms, and ironically, non-disclosure agreements,” the security firm reveals.

Specifications and use of the machines, as well as animations of the robots at work, customer contact details, and ID badge request forms were also found on the server.

Level One customers impacted by the data exposure include divisions of VW, Chrysler, Ford, Toyota, GM, Tesla and ThyssenKrupp.

The server also contained data belonging to organization’s employees, such as scans of driver’s licenses and passports and other identification. Level One business data was also exposed, including invoices, prices, contracts, typical business documents, and bank account details (including account and routing numbers, and SWIFT codes).

“The sheer amount of sensitive data and the number of affected businesses illustrate how third and fourth-party supply chain cyber risk can affect even the largest companies,” the security firm notes.

Advertisement. Scroll to continue reading.

UpGuard says the data was exposed via rsync, the file transfer protocol commonly used for large data transfers. The researchers discovered that access to the server wasn’t restricted by IP or user and that the data was downloadable to any rsync client that connected to the rsync port.

“This is the same type of administrative error we continue to see over and over again both on-premise as well as in the cloud. Until organizations wholly operationalize security into their development lifecycle, we will likely continue to see similar data exposure from non-malicious insiders,” Matt Chiodi
, VP of Cloud Security at RedLock, told
SecurityWeek in an emailed commentary.

Discovered on July 1, 2018, the exposed rsync server was established to belong to Level One several days later. The company was successfully informed on the issue on July 9 and closed the exposure by the next day.

“The fact that this kind of breached happened and data from so many big players was involved goes to show that anyone can be a victim if third parties are not continuously vetted. It is no longer enough for companies to maintain trust through a one-time or annual audit. Big players should demand a transparent and ongoing demonstration of security controls in action,” James Lerud, head of the Behavioral Research Team at Verodin, said in an emailed commentary.

Related: 200 Million Sets of Japanese PII Emerge on Underground Forums

Related: Thousands of Mobile Apps Leak Data from Firebase Databases

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...