Last week, researchers found a security vulnerability on the official website of the American auto giant Ford Motor Company. This vulnerability includes access to sensitive systems, customer database, and employee information. provides easy access to many detailed data. provided.

Discovered by Robert Willis and break3r, this vulnerability was later Sakura Samurai

Tried by hacker group and it turned out that the source of the problem was a bug in the CRM software.

Ford took 6 months to acknowledge this vulnerability

HackerOne, the hacker group, is not the malicious group that demands ransom after hacking large corporations. On the contrary, just like Ford, big companies detect any security vulnerabilities on serious websites, and in return (if any) incentive or fault finding reward they get.

According to the head of the group, John Jackson, Ford did not care much about this vulnerability on the website. Jackson and his group emailed Ford in February about the vulnerability they identified, listing customer and employee records, including financial account numbers. stated that extremely important information is vulnerable but received no tangible response from Ford.

Sakura Samurai , so that Ford can realize this without breaking the law. The company, which had to wait for 6 months and finally held thousands of important data, took a step towards the vulnerability.

American automobile giant Ford described the findings sent by the hacker group as “special findings” and said that they would not make a public statement on the subject. According to the information given, Ford immediately after their findings. to take the system offline and fix the problem started to work.

Like it? Share with your friends!

Michael Lewis


Your email address will not be published. Required fields are marked *