Nissan Source Code Leaked via Misconfigured Git Server

Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.



Nissan North America source code was leaked online due to misconfiguration of a company Git server, which was left exposed online with a default username and password of admin/admin.

Related Content:

COVID-19's Acceleration of Cloud Migration & Identity-Centric Security

How Data Breaches Affect the Enterprise

New From The Edge: Security Pros Reflect on 2020

Software engineer Tillie Kottmann learned of the leak and analyzed the data, which she shared with ZDNet. The repository reportedly contained Nissan NA mobile apps, parts of the Nissan ASIST diagnostics tool, Nissan's internal core mobile library, Dealer Business Systems and Dealer Portal, client acquisition and retention tools, market research tools and data, vehicle logistics portal, vehicle connected services, and various other back ends and internal tools, she reports.

The Git server was taken offline yesterday after its data began to be shared on Telegram and hacking forums, the report continues. Nissan has confirmed the incident, stating it is "aware of a claim regarding a reported improper disclosure of Nissan's confidential information and source code." The company has reportedly launched an investigation.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2021 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service