Short Circuit: How a Robotics Vendor Exposed Confidential Data for Major Manufacturing Companies

The UpGuard Cyber Risk team discovered 157GB of sensitive data from over 100 manufacturing companies publicly accessible on a server belonging to Level One Robotics. Among the victims were VW, Chrysler, Ford, Toyota, GM, Tesla and ThyssenKrupp. Exposed data included over 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and personal details of some Level One employees. The data was exposed via rsync, a file transfer protocol used to mirror or backup large datasets. Level One shut the exposure down on 10 July.