A massive leak has just been confirmed. According to database security audit specialists, source code stored in repositories belonging to dozens of companies has been publicly exposed because of weak security configurations. The incident affects all kinds of firms, from technology and financial services developers to retailers and restaurant chains.
The companies affected include Qualcomm, Motorola, Mediatek, GE, Nintendo, Disney and Johnson Controls, among others.
Details about this incident were compiled by reverse engineering specialist Tillie Kottmann. Much of the information exposed in this incident is hosted in a GitLab repository accessible to any user. Code from more than 50 companies appears to be present in the repository. Although many of its folders are empty, login credentials can also be found in the exposed code.
So far, database security audit experts have found code samples from various companies across multiple business areas, for example:
- Financial technology: Fiserv, Buczy Payments, Mercury Trade Finance Solutions
- Banking institutions: Banca Nazionale del Lavoro, based in Italy
- Technology development: Pieran Access One, among others
Speaking to BleepingComputer, Kottmann mentioned that the repositories contain information that is really easy to access, although companies and researchers are making a great effort to remove access to this data and prevent further damage: “I try to do my best to prevent any relevant detail from being compromised,” Kottmann added.
Researchers have also been responding to deletion requests issued by affected companies, and they expect to communicate with those companies' IT teams to help strengthen the security of their infrastructure. Some companies, such as Mercedes-Benz, have already requested the deletion of records present in the repository.
Database security audit experts mention that not many requests have been made to remove the exposed information, which is common in these kinds of incidents. In most cases, the companies concerned only ask how their information was compromised.
Regarding the age of the compromised information, experts note that much of the data on the GitLab server is outdated, and some repositories have not received any updates since they were created.
Kottmann considers this kind of exposure to be more common than is generally believed; on a Telegram channel, Kottmann publishes details about leaks affecting many other companies, although the channel is especially focused on Nintendo leaks and its classic video games.
For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to visit the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.