Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Samsung accidentally reveals sensitive data on existing projects

10 May 2019 4

It seems like Samsung let its guard down and will now pay a hefty price for it. Courtesy of a security researcher, Mossab Hussein, Samsung has leaked sensitive credentials. This includes data such as credentials, source code and even secret keys for numerous upcoming projects. The company supposedly accidentally uploaded the files to GitLab without even safeguarding it with a password.


Among the numerous leaked credentials was the login credentials for the Amazon Web services used by the company for the development of Samsung’s services. Supposedly, 100 S3 storage buckets was revealed as a result of this goof up. To make matters worse, even the GitLab access tokens of Samsung’s employees was revealed during this mishap. Here’s what Hussein had to say about his ability to access the data:

I had the private token of a user who had full access to all 135 projects on that GitLab.

Most of the revealed data has turned out to be information mainly relating to Samsung’s services like SmartThings and Bixby. Samsung has taken measures and revoked all access of all the keys and credentials on the testing platform. The company will also further look into the matter to see if any information could have been stolen or tampered with.


4

comments

Samsung accidentally reveals sensitive data on existing projects
Write a comment...
Android

Google postpones Android 11 beta release and June 3rd event

Games

Sony to showcase first PlayStation 5 games on June 4th

Android

Nokia C5 Endi, Nokia C2 Tava, Nokia C2 Tennen launched on Cricket Wireless

Android

Grab your free Nest Mini if you're YouTube Premium subscriber