Alerts from cybersecurity researchers helped Ford Motor Company prevent exposure of customer and employee records, the Detroit Free Press
"Based on evidence provided to Ford and our internal investigation, we don't believe any sensitive personal information
about employees or customers was accessed or compromised in this instance, which was identified and addressed nearly six months ago," said Ford spokesperson T.R. Reid.
However, London-based cybersecurity expert Ax Sharma criticized Ford for not disclosing the incident earlier and failing to indicate whether its systems were breached.
"They've waited a whole six months to disclose this. Having data breach or not, that's not the point. You usually make the findings public on HackerOne, a platform that lets researchers report things to companies, once the situation is safe," said Sharma.
BleepingComputer reported on Sunday that Ford's website had a security flaw that enabled access to sensitive systems and data, such as customer and employee records, as well as internal tickets.