15 July 2014
Formech Customer Database
manufactures vacuum forming machines (manual and fully automatic) for diverse
markets including theatre/tv/film special effects, medical, defence, aerospace,
education, modelling, product development prototyping and full commercial
Founded in 1982, based in Chicago, IL, USA; Harpenden, Hertfordshire, just
north of London, UK; plus Leimersheim in Germany.
Customers include Apple, Microsoft, Raytheon, Lockheed Martin, BMW, Volkswagen,
Honda, Royal Shakespeare Company, Cambridge University, University of California
(Berkeley), Police Service of Northern Ireland and even MI5, MI6 (under aliases
known to journalists) and the UK's military research laboratories at Porton
Formech states itself that their customer base reads like a Who's Who.
So it is unfortunate that Formech leaves its accounts system (via a matching
.NET domain, supposedly behind a login) wide open for casual public viewing
and Google indexing:-
With such goodies as this:-
In particular, Apple's purchase of a brand new HD686 machine at $85,000 due
for delivery at the end of August 2014, naming Apple's Senior Packaging
Engineering Manager Mark Doutt as the key contact.
The usual response to these data scandals is to blame a hack attempt on the
company's servers, even blaming it on the person revealing it. The truth
is nearly always an incompetent IT department and web designer coupled with
a blissfully clueless CEO.