Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Samsung accidentally reveals sensitive data on existing projects

10 May 2019 4

It seems like Samsung let its guard down and will now pay a hefty price for it. Courtesy of a security researcher, Mossab Hussein, Samsung has leaked sensitive credentials. This includes data such as credentials, source code and even secret keys for numerous upcoming projects. The company supposedly accidentally uploaded the files to GitLab without even safeguarding it with a password.


Among the numerous leaked credentials was the login credentials for the Amazon Web services used by the company for the development of Samsung’s services. Supposedly, 100 S3 storage buckets was revealed as a result of this goof up. To make matters worse, even the GitLab access tokens of Samsung’s employees was revealed during this mishap. Here’s what Hussein had to say about his ability to access the data:

I had the private token of a user who had full access to all 135 projects on that GitLab.

Most of the revealed data has turned out to be information mainly relating to Samsung’s services like SmartThings and Bixby. Samsung has taken measures and revoked all access of all the keys and credentials on the testing platform. The company will also further look into the matter to see if any information could have been stolen or tampered with.


4

comments

Samsung accidentally reveals sensitive data on existing projects
Write a comment...
Rumors

Poco F2 exists! This alleged screen protector and a tip claim so

New products

MediaTek launches Helio G90 gaming-centric SoC for budget phones

Google

Google confirms Pixel 4 facial recognition and Motion Sense gestures

Android

Here is first look at Nintendo Switch Android port | UPD: it's here