EXECUTIVE SUMMARY:
“If you see NDAs, you know right away that you’ve found something that’s not supposed to be publicly available.” Those were the words used by the security researcher who discovered at least 157GB of unprotected confidential data relating to Tesla, Toyota, Volkswagen, and almost all of the largest automakers.
The data, which included proprietary information such as schematics, factory floor plans, and sensitive client materials like contracts, non-disclosure agreements (NDAs), and invoices was found on an unsecured backup server belonging to Canada-based Level One Robotics and Controls.
The New York Times reports that anyone who could connect to the server could download the material from more than 100 companies. Nearly 47,000 files were available, without password or special permissions.
Cybersecurity issues related to third-party vendors continue to be problematic. Referencing a Ponemon Institute study, The New York Times notes that fifty-six percent of the businesses polled had at some point experienced a data breach linked to a vendor. Not only that, respondents said an average of 470 outside companies had access to their sensitive corporate information, up from around 380 a year earlier.
Get the full story at The New York Times.