BMW confirms data breach: Cloud storage server configuration error

王林
Release: 2024-02-18 13:57:15
forward
922 people have browsed it

BMW confirms data breach: Cloud storage server configuration error

According to news from this site on February 18, foreign media TechCrunch recently reported that a configuration error occurred in the cloud storage server of the automobile giant BMW, resulting in sensitive private keys and internal data. Information exposed.

Researcher Can Yoleri said that during a routine scan, he discovered that the Microsoft Azure managed storage server (also called a "bucket") in the BMW development environment was configured as public instead of private .

Yoleri added that the bucket contains script files that contain Azure container access information, keys for private storage server addresses and details for other cloud services.

According to information learned by TechCrunch, the exposed data includes BMW’s cloud service private keys in China, Europe and the United States, as well as login credentials for BMW’s production and development databases. However, currently It's unclear exactly how much data was exposed.

A BMW spokesperson has confirmed that the data breach affected a Microsoft Azure bucket based on the storage development environment and said that no customer or personal data was affected. The spokesperson added: "The BMW Group has fixed the issue in early 2024 and we will continue to monitor the situation together with our partners."

BMW declined to disclose the cloud storage server exposure The duration of the incident and whether the data was maliciously accessed. According to researcher Yoleri, BMW has not revoked or changed the set of passwords and credentials found in the affected cloud storage servers.

Mercedes-Benz has also encountered similar data security issues recently. Security Lab RedHunt discovered a GitHub private key in an employee's code repository. This private key can access all code on Mercedes-Benz's internal GitHub server.

The above is the detailed content of BMW confirms data breach: Cloud storage server configuration error. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:ithome.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template