Mercedes-Benz USA A.I CyberSecurity Scoring
Mercedes-Benz USA
Company Information
Website:http://www.mbusa.com
Employees number:12,384
Number of followers:777,724
NAICS:3361
Industry Type:Motor Vehicle Manufacturing
Homepage:mbusa.com
Mercedes-Benz USA Risk Score (AI oriented)
Between 750 and 799
Mercedes-Benz USAMotor Vehicle Manufacturing
Updated:
17/06/2026
17/06/2026
788/1000
Fair
Baa
Mercedes-Benz USA Global Score (TPRM)
xxxx
Mercedes-Benz USAMotor Vehicle Manufacturing
Score locked

Mercedes-Benz USAFair
Current Score
788Baa (FAIR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
788
JUNE 2026
788
MAY 2026
784
Vulnerability
01 May 2026 • Mercedes-Benz USA
Fortinet, Foxconn, Comcast, Chevron, Samsung, AT&T, Mercedes-Benz and Toyota: FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
FortiBleed: Massive Fortinet VPN Credential Leak Exposes 74,000 Firewalls Worldwide
787
CRITICAL-3
MERCHESAMCOMFOXATTFORTOY1781713752
FortiBleed: Massive Fortinet VPN Credential Leak Exposes 74,000 Firewalls Worldwide
A newly uncovered data leak, dubbed FortiBleed, has exposed credentials for 73,932 Fortinet and FortiGate VPN firewalls across organizations globally. Security researcher Bob Diachenko discovered the breach after identifying an unsecured server containing usernames, email addresses, and plaintext passwords for high-profile targets, including Chevron, Samsung, Foxconn, Comcast, AT&T, Mercedes-Benz, Toyota, and multiple government agencies.
The dataset, analyzed by Diachenko and later confirmed by threat intelligence firm Hudson Rock, includes 21,632 unique domains spanning 194 countries, with the highest concentrations of affected devices in India, the U.S., Taiwan, Mexico, and Turkey. The compromised credentials span industries such as telecommunications, IT services, finance, healthcare, manufacturing, and critical infrastructure.
### Attack Method & Scope
Diachenko’s investigation revealed the breach was orchestrated by a Russian-speaking threat group that conducted 1.16 billion credential-stuffing attempts against 320,777 FortiGate targets and 2.1 billion attempts against 163,650 Microsoft SQL servers. The attackers used a 45-GPU cluster running Hashtopolis to crack intercepted SSL VPN authentication hashes, then leveraged the stolen credentials to infiltrate Active Directory environments.
Additional exposed files accidentally left accessible on the same server contained attack logs, scripts, and tooling, along with detailed profiles of targeted organizations, including revenue, employee counts, and industry classifications. The breach also led to full compromises of entities in Japan, Taiwan, Vietnam, Iraq, and Turkey, including a Turkish NATO defense contractor, from which classified documents were allegedly exfiltrated.
### Credential Authenticity & Origin
Cybersecurity researcher Kevin Beaumont independently verified portions of the dataset, confirming that many credentials were legitimate and that roughly 75,000 Fortinet devices most still online were affected. The data appears to have been extracted from Fortinet configuration files, as it includes email addresses and other details typically only accessible through exported configs.
Notably, many of the exposed passwords were long and complex, suggesting the attackers may have exploited previously unknown vulnerabilities or misconfigurations rather than brute-force methods. Beaumont’s analysis, based on Shodan network scans, found that nearly half of all internet-exposed Fortinet firewalls were included in the leak, with many devices exposing management interfaces directly to the web.
### Unanswered Questions
The exact method of initial compromise remains unclear. Researchers have not determined whether the data was obtained via known Fortinet vulnerabilities, a zero-day flaw, or another attack vector. Neither Diachenko, Hudson Rock, nor Beaumont have identified the original source of the configuration leaks.
Fortinet has been contacted for comment but has not yet responded. The dataset’s scale and the ongoing exposure of affected devices underscore the severity of the breach, with potential implications for supply chain security, government networks, and critical infrastructure.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
784
MARCH 2026
784
FEBRUARY 2026
784
JANUARY 2026
784
DECEMBER 2025
783
NOVEMBER 2025
783
OCTOBER 2025
783
SEPTEMBER 2025
783
AUGUST 2025
783
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Mercedes-Benz USA ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in June 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in May 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in April 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in March 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in February 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in January 2026 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in December 2025 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in November 2025 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in October 2025 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in September 2025 ??
What was Mercedes-Benz USA's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Mercedes-Benz USA's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Mercedes-Benz USA ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Mercedes-Benz USA's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?