Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. While metaverse is no longer a buzzword, amid the sudden popularity of ChatGPT and similar AI tools, those virtual worlds are still here, presenting exciting opportunities for companies, users, and, unfortunately, threat actors. Siemens, a German multinational with over $71 trillion in revenue and 300,000 employees worldwide, has also jumped on the metaverse bandwagon. In 2022, it partnered with NVidia, an American multinational technology company, to build the industrial metaverse. Recently, the Cybernews research team has discovered that Siemens Metaverse – a platform that aims to create digital ‘twins’ of its factories and offices – was leaking sensitive information. If attackers got to the exposed data, it could have had devastating consequences for the company and other big corporations using its services, including ransomware attacks. Siemens, on the other hand, said it considered the issue to be non-critical and added that it had been mitigated.