Source code of over 50 high profile organizations leaked online

Source code of over 50 high profile organizations leaked online

Source code leak took place due to a misconfiguration error.


A misconfiguration in the infrastructure of repositories resulted in leaking the source code of dozens of mainstream, high-profile organizations from diverse sectors from tech, food, retail, finance, manufacturing, and e-commerce.


A reverse engineer and developer, Tillie Kottmann, collected the leaks, dubbed Exconfidential, from different sources while searching for misconfigured DevOps tools that provide access to source code, and stored them on a repository on GitLab.


See: Chinese COVID-19 detection firm hacked; source code sold on dark web


The list of affected companies is quite long, as according to Bank Security, around 50 organizations’ source code has become public. This includes bigwigs like:


MicrosoftLenovoAdobeMotorolaQualcommAMDGE AppliancesMediatekRobloxDisneyNintendoHuawei owned HisiliconJohnsons Controls, to name a few.

List of affected companies and source code details shared by the researcher on their Twitter account:

Kottmann revealed that some of the folders are empty while some contain credentials such as code from fin-tech firms such as Fiserv, Mercury Trade Finance solutions, and Buczy Payments, access management, and identity developers like Pirean Access: one, and banks including Italy’s Banca Nazionale del Lavoro, etc.


See: Hacker Steals & Leaks Xbox Series X GPU Source Code


Furthermore, hardcoded credentials are available in the easy-to-access code repositories. Kottmann also claims that they tried to remove the data to prevent a larger breach.

According to BleepingComputer, the developer hasn ..

Support the originator by clicking the read the rest link below.