Sensitive Data Including Source Code and Credentials Belonging to Scotiabank Exposed via Github Repositories


Scotiabank’s source code and other sensitive data such as credentials were found on publicly available GitHub repositories.
The Canadian bank has taken down the repositories after being alerted by The Register.

The backdrop


Jason Coulls, an IT pro, discovered the data belonging to Scotiabank on GitHub. Some of the data were believed to be exposed for months.


The repositories contained hundreds of files of documentation and code. Some of these appeared to be for mobile apps for Central and South American users.
They were found to contain access keys for a foreign exchange system, login cr ..