Mercedes-Benz “smart car” source code leaked – expert commentary

A security researcher discovered a misconfiguration in a Git web portal belonging to Daimler AG, the German automotive company behind the Mercedes-Benz brand. The researcher was able to access, download and leak over 580 Git repositories containing the source code for “smart car” components installed in Mercedes vans. The leaked projects also included Raspberry Pi images, server images, internal Daimler components for managing remote OLUs, internal documentation, code samples, and passwords and API tokens to Daimler’s systems.


EXPERTS COMMENTS
Chris DeRamus , VP of Technology Cloud Security Practice,  Rapid7
May 19, 2020
In fact, the number of records exposed by cloud misconfigurations rose by 80% in 2019.
Misconfigured security settings is the top culprit behind many major data leaks and breaches. In fact, the number of records exposed by cloud misconfigurations rose by 80% in 2019. In this GitLab instance, bad actors could register an account on Daimler's code-hosting portal and download over 580 Git repositories containing the Mercedes source code and sell that information to the company’s comp ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article