The target: Ford, a U.S based maker of automobiles.
The take: Exposure of Personally Identifiable Information including: customer and employee records, finance account numbers, database names and tables, internal support tickets, user profiles, and authentication access tokens,
The attack vector: A known vulnerability present in one of Ford’s misconfigured customer management interfaces named Pega Infinity, could have allowed an attacker access to the backend web panel. From here, they could execute malicious commands through the URL to retrieve data base tables, run queries, and more critically, perform administrative actions.
This breach highlights the importance of having processes in place to update software in a timely manner, an essential part of complying with industry standard cybersecurity practices. Furthermore, this exposure also demonstrates how one exposed point of access can have a cascading and multiplying effect on the severity of a breach.