Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Samsung accidentally reveals sensitive data on existing projects

10 May 2019 4

It seems like Samsung let its guard down and will now pay a hefty price for it. Courtesy of a security researcher, Mossab Hussein, Samsung has leaked sensitive credentials. This includes data such as credentials, source code and even secret keys for numerous upcoming projects. The company supposedly accidentally uploaded the files to GitLab without even safeguarding it with a password.


Among the numerous leaked credentials was the login credentials for the Amazon Web services used by the company for the development of Samsung’s services. Supposedly, 100 S3 storage buckets was revealed as a result of this goof up. To make matters worse, even the GitLab access tokens of Samsung’s employees was revealed during this mishap. Here’s what Hussein had to say about his ability to access the data:

I had the private token of a user who had full access to all 135 projects on that GitLab.

Most of the revealed data has turned out to be information mainly relating to Samsung’s services like SmartThings and Bixby. Samsung has taken measures and revoked all access of all the keys and credentials on the testing platform. The company will also further look into the matter to see if any information could have been stolen or tampered with.


4

comments

Samsung accidentally reveals sensitive data on existing projects
Write a comment...
Android

How to use FaceApp's old-age filter if the app is showing error

Android

Qualcomm Snapdragon 855 Plus is aimed at gaming smartphones and VR

Android

Huawei denies Hongmeng OS being an Android alternative

Android

Best dual front camera smartphones that you can buy | July 2019