LOADING...
Log in and
comment
Username or Email
Password
Forgot password?
Or
Join and
publish
You're almost done! Define a user name and password.
Username
Email
Password
Senha
» Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Samsung accidentally reveals sensitive data on existing projects

10 May 2019 4

It seems like Samsung let its guard down and will now pay a hefty price for it. Courtesy of a security researcher, Mossab Hussein, Samsung has leaked sensitive credentials. This includes data such as credentials, source code and even secret keys for numerous upcoming projects. The company supposedly accidentally uploaded the files to GitLab without even safeguarding it with a password.


Among the numerous leaked credentials was the login credentials for the Amazon Web services used by the company for the development of Samsung’s services. Supposedly, 100 S3 storage buckets was revealed as a result of this goof up. To make matters worse, even the GitLab access tokens of Samsung’s employees was revealed during this mishap. Here’s what Hussein had to say about his ability to access the data:

I had the private token of a user who had full access to all 135 projects on that GitLab.

Most of the revealed data has turned out to be information mainly relating to Samsung’s services like SmartThings and Bixby. Samsung has taken measures and revoked all access of all the keys and credentials on the testing platform. The company will also further look into the matter to see if any information could have been stolen or tampered with.


4

Comments

Join our community » Samsung accidentally reveals sensitive data on existing projects
Android

Top 5 best bezel-less smartphones | April 2019

Android

Top 5 best Android flagship smartphones | April 2019

Software

Android Software updates may soon be available via Play store | Upd: Now rolling out

Tech

Amazon acquires autonomous warehouse robotics startup Canvas Technology