Thousands classified car industry files left online for all to read

stealing car data

Trade secrets of the car industry were discovered unprotected online for anyone to see as 157-gigabytes of sensitive data including blueprints, factory schematics, client invoices, contracts, work plans, and even non-disclosure agreements (NDAs), was stumbled upon by security researcher, Chris Vickery.

Over 100 companies were affected including Toyota, Tesla, Ford, General Motors, Fiat Chrysler Automobiles, and Volkswagen. All companies were in contact with a Canadian firm Level One Robotics and Controls, who specialize in designing automation processes for automakers and industry suppliers.

Vickery found the data on one of Level One’s backup servers. There wasn’t even any hacking required because the server wasn’t password protected. Anyone who found its location had full access to the files, which also included personal information on some Level One employees; scanned copies of driver’s licenses and passports.

Essentially, all this sensitive data was left unprotected in Level One’s cloud. The information has since been taken down, but the obvious need for companies to get serious when it comes to securing data in the cloud gets more glaringly evident every day.

In this instance, Level One was not just responsible for its own data, but that of many other companies too. Level One has stressed how unlikely it is that anyone other than Vickers would have found the server address, but that’s hard to buy since hackers and cybercriminals spend their days looking for these exact types of weaknesses, and they are every bit as savvy as Vickers. 

If Vickers had come across the server address, but the data was password protected, there would be less of a story. It might still have been accessible with a hack. If he found the serve address and the data inside was encrypted, there would be no story. He would only be able to view a pile of junk files. If he came across the server address and Level One had been using get2Clouds, meaning the data was encrypted and the server was password protected, there definitely would be no story. 

There are so many layers of added protection with get2Clouds; an app lock so no one else can access data in the app it if your device falls into the wrong hands, single chat encryption, server encryption, secure file transfers of unlimited size, encrypt unlimited clouds, FaceCheck to see who is opening your messages, and much more. You don’t have to avail of every layer of protection, but in 2018 it is unforgivable that some companies still have no level of data security in place. 

The corporate cloud messenger based on get2Clouds technology can be tailored to fit individual company needs with different layers of access. Don't wait for data to be stolen before you protect it. Find out more here.