Our customers are increasingly using portals to communicate to us. We have a rolling-code timestamp dongle, or a password that changes monthly, that we use to log in. Once there, somewhere inside a massively confusing interface, apparently designed by native Latvian speakers on hallucinigens, is where we are supposed to discover and acknowledge POs, get docs and specs, and report our progress. Warranty returns get logged there, too, with debit notices.
When the password (or the PIN associated with the dongle) changes, we contact their IT department and, in a week or so, we usually get a new one.
One box that we ship has a terrible, hazardous bug that the customer created and refuses to let us fix, so we have to file a DN (Discrepency Notice) form for every unit that we ship, to tell them what they already know. So far, we can't get the DN form to work. This same customer gave us an F on our quality audit... after our shipping around 3K units with no field failures to date.
Image a Sony-style hack to a big corporate portal. Not just snooping, but maybe a few million transactions.