Leaked GitHub Token Exposed Mercedes Source Code

January 31, 2024 at 12:36PM

An employee’s leaked GitHub token at Mercedes-Benz allowed unrestricted access to source code on the carmaker’s GitHub Enterprise server. The breach, discovered in January 2024, could have led to extensive exposure of critical information. RedHunt Labs warns of potential financial and reputational damage. GitHub and other firms have also faced similar credential leaks.

The report makes clear that there was a serious security breach involving a leaked GitHub token at Mercedes-Benz. The token was exposed on September 29th, 2023, but the leak was not discovered until January 11th, 2024. It provided unrestricted and unmonitored access to the carmaker’s GitHub Enterprise server, potentially exposing sensitive information such as API keys, cloud access keys, database connection strings, and more.

The impact of this data breach could include significant financial costs, legal violations, and reputational damage for Mercedes-Benz. In related incidents, threat actors were observed harvesting IAM credentials leaked in public GitHub repositories shortly after exposure, and GitHub itself had to rotate credentials after discovering a vulnerability that could have allowed access to credentials within a production container.

This breach has raised serious security concerns and potential risks for the organization. The leaked GitHub token created a gateway for potential adversaries to access and download the entire source code of the organization, which could lead to an extremely serious data breach against Mercedes. It is crucial for the organization to take immediate action to address these vulnerabilities and prevent any further exposure of sensitive information.
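As an added illustration of the detection side (this is example code, not from the article, Mercedes-Benz or RedHunt Labs): a small scanner that flags GitHub token formats in text such as a diff or a log line before it is pushed or shared. The prefixes and the 40-character classic layout follow GitHub's published token format; the CRC32/base62 checksum rule and the alphabet order are this example's assumptions, so a checksum mismatch only lowers the finding's confidence rather than suppressing it.

```python
# Detector for GitHub token formats in text (e.g. a commit diff or a log line).
import re
import string
import zlib

# Assumed checksum alphabet (0-9, A-Z, a-z); GitHub's published scheme is base62.
B62 = string.digits + string.ascii_uppercase + string.ascii_lowercase

# Classic-style tokens: prefix (ghp/gho/ghu/ghs/ghr), 30 random chars, 6-char checksum.
CLASSIC = re.compile(r"\b(gh[pousr])_([A-Za-z0-9]{30})([A-Za-z0-9]{6})\b")
# Fine-grained PATs: pattern match only, no checksum check in this example.
FINE_GRAINED = re.compile(r"\bgithub_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}\b")


def b62_checksum(body: str) -> str:
    """CRC32 of the random body, base62-encoded and zero-padded to 6 chars (assumed rule)."""
    n = zlib.crc32(body.encode())
    out = ""
    while n:
        n, r = divmod(n, 62)
        out = B62[r] + out
    return out.rjust(6, "0")


def redact(token: str) -> str:
    """Keep just enough of the token to correlate a finding, never the secret itself."""
    return token[:4] + "..." + token[-4:]


def scan(text: str) -> list[dict]:
    """Return one finding per token-shaped string; checksum failures are kept at low confidence."""
    findings = []
    for m in CLASSIC.finditer(text):
        prefix, body, check = m.groups()
        valid = b62_checksum(body) == check
        findings.append({"type": prefix + "_", "token": redact(m.group(0)),
                         "confidence": "high" if valid else "low"})
    for m in FINE_GRAINED.finditer(text):
        findings.append({"type": "github_pat_", "token": redact(m.group(0)),
                         "confidence": "medium"})
    return findings


def make_sample_token(prefix: str = "ghp", body: str = "a" * 30) -> str:
    """Build a constructed, non-real token that satisfies the checksum (test data only)."""
    return f"{prefix}_{body}{b62_checksum(body)}"


if __name__ == "__main__":
    # Constructed sample input: one checksum-valid token, one token-shaped string that is not.
    sample = "export GITHUB_TOKEN=" + make_sample_token() + "\ntoken=ghp_" + "b" * 36
    for finding in scan(sample):
        print(finding)
```

Wire `scan` into a pre-commit hook or a log pipeline and fail the commit (or raise an alert) on any finding; rotate the token whenever a high-confidence match is seen.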
