Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.
Nissan North America source code was leaked online due to misconfiguration of a company Git server, which was left exposed online with a default username and password of admin/admin.
Software engineer Tillie Kottmann learned of the leak and analyzed the data, which she shared with ZDNet. The repository reportedly contained Nissan NA mobile apps, parts of the Nissan ASIST diagnostics tool, Nissan's internal core mobile library, Dealer Business Systems and Dealer Portal, client acquisition and retention tools, market research tools and data, vehicle logistics portal, vehicle connected services, and various other back ends and internal tools, she reports.
The Git server was taken offline yesterday after its data began to be shared on Telegram and hacking forums, the report continues. Nissan has confirmed the incident, stating it is "aware of a claim regarding a reported improper disclosure of Nissan's confidential information and source code." The company has reportedly launched an investigation.
Read more details here.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024