11 Aug U.S. Engineering Firm’s System Issues Exposes Clients’ Corporate Information
Electrical engineering firm Power Quality Engineering (PQE) in Texas has accidentally exposed clients’ sensitive corporate information online because of a system oversight.
UpGuard security researchers flagged the issue, identifying a port used for remote synchronization. Researchers say administrators were supposed to restrict access to the port, but PQE missed a configuration step which consequently exposed client data.
Clients like Oracle, Dell, and the City of Austin are said to be in danger of data theft. The exposed information included electrical infrastructure data, detailing weaknesses inspected in companies. It also contained sensitive information to confidential government-operated intelligence rooms located in a Dell facility.
As for exposed information on Austin, data on solar field schematics and hazardous project reports were also included.
According to UpGuard, the incident is an example of how attackers can take advantage of system flaws that are easily overlooked by companies. They warned firms to always ensure security protocols are implemented properly to prevent exposure.
Source: SecurityWeek
