These provided access to WordPress administrator database credentials and the UNEP source code, and exposed more than 100,000 private employee records to the researchers.

After finding exposed git and configuration directories, Sakura Samurai were able to access credentials for critical applications, more than 13,000 personal records, police reports, and other data.

[10] Sakura Samurai found a vulnerability in Pegasystems' Pega Infinity enterprise software suite, which is used for customer engagement and digital process automation.

[11] The vulnerability led to Sakura Samurai breaching systems belonging to both Ford Motor Company and John Deere, incidents which were publicly disclosed in August 2021.

[12][13] These breaches were the subject of a 2021 DEF CON presentation by Sick.Codes, which was titled "The Agricultural Data Arms Race: Exploiting a Tractor Load of Vulnerabilities in the Global Food Supply Chain (in good faith)".