You are here

How Manufacturing Enterprises Lose Trade Secrets and Customer Data

This is a digest of high-profile leaks that have hit manufacturing enterprises since the beginning of summer 2018, prepared by InfoWatch Analytical Center.

In June, Tesla filed a lawsuit against Martin Tripp, its former employee, alleging that he leaked its confidential information to parties outside the company. Martin Tripp, in turn, filed a whistleblower tip with the U.S. Securities and Exchange Commission in which he alleges Elon Musk’s company lied to investors, overreported Model 3 car production by up to 44%, and put unsafe batteries in its cars. Tesla denied Tripp's allegations calling him a disgruntled ex-employee who acted out of revenge.

Almost at the same time, Apple accused Xiaolang Zhang, its former engineer, of downloading and copying intellectual property relating to its autonomous vehicle project and handing it over to Chinese self-driving startup XMotors. It was found that roughly 40 GB of confidential data had been downloaded through the engineer's account without Apple's consent. During an interview, Zhang admitted to taking the hardware and data from Apple's autonomous vehicle labs due to his own interests. In turn, XMotors denied receiving any confidential or sensitive information from Zhang. Now, the accused is facing 10 years in prison and a $250,000 fine.

Manufacturing enterprises suffer not only from malicious actions by their employees, but also from accidental information leaks, with the latter being detected more and more often due to the evolution of cloud technology. Thus, in early July, the UpGuard Cyber Risk team discovered that, due to wrong storage settings, tens of thousands of sensitive documents for over a hundred of manufacturing companies were exposed on a publicly accessible server belonging to Level One Robotics, a Canadian engineering service provider specializing in process automation. Among the companies with data exposed in the incident are divisions of Volkswagen, Chrysler, Ford, General Motors, and Tesla. In addition to technical documents such as assembly line schematics, factory floor layouts, and robotic configurations, the discovered data included non-disclosure agreements detailing the sensitivity of the exposed information, as well as Level One business data and personal details of some employees.

A short while ago, BHP Billiton, one of world’s largest mining companies, said it had launched an investigation into confidential payroll information being accidentally emailed to incorrect recipients. According to the company's spokespersons, up to 2,000 of BHP's 23,000 Australian employees were affected.