Employee Drops Mercedes-Benz Key in GitHub Repository

The automaker Mercedes-Benz has experienced a potential breach of internal confidential data. According to the cybersecurity company RedHunt Labs, an employee mistakenly published a personal developer key online, which granted unrestricted access to the source code of internal systems. [1]

During routine internet resource monitoring in January, analysts came across an authorization token in a public GitHub repository by chance. This token effectively removed the need for a password and provided unrestricted access to the company's GitHub Enterprise server. In effect, attackers could freely download any private repository. [1]

These repositories contained credentials for internal archives, keys for cloud services, design documents, passwords for a single sign-on system, APIs, and other valuable information. Notably, the exposed repositories included keys to Microsoft Azure and Amazon Web Services, as well as an internal Postgres database and Mercedes-Benz's source code. It remains unclear whether any customer personal data was among the exposed resources. [3]
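The incident turns on a single credential-shaped string reaching a public repository. As an added illustration of the detection side (example code written for this page, not from the article, RedHunt Labs or Mercedes-Benz), the following Python scanner flags the kinds of secrets the article lists, such as a GitHub token, an AWS access key ID, an Azure storage account key and a Postgres connection string, in files before they are committed or pushed. The regular expressions, the `Finding` structure and the sample configuration text are assumptions made for the example; a production secret scanner would carry a far larger ruleset.

```python
import os
import re
from dataclasses import dataclass

# Illustrative patterns for the credential formats named in the article.
# These are assumptions for the example, not an exhaustive ruleset.
PATTERNS = {
    # GitHub personal / OAuth / server / user tokens (ghp_, gho_, ghs_, ghu_, ghr_)
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    # AWS access key IDs (long-term AKIA... and temporary ASIA...)
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    # Azure storage connection strings carry the account key inline
    "azure_account_key": re.compile(r"AccountKey=[A-Za-z0-9+/=]{40,}"),
    # Postgres URIs with an embedded user:password pair
    "postgres_uri": re.compile(r"\bpostgres(?:ql)?://[^\s:/]+:[^\s@/]+@[^\s/]+"),
}

# Directories that never hold source worth scanning
SKIP_DIRS = {".git", "node_modules", ".venv", "__pycache__"}


@dataclass(frozen=True)
class Finding:
    path: str
    line_no: int
    rule: str
    redacted: str  # never store or print the full secret in scanner output


def redact(secret: str) -> str:
    """Keep just enough of the match to locate it without re-leaking it."""
    if len(secret) <= 12:
        return "****"
    return secret[:4] + "..." + secret[-4:]


def scan_text(path: str, text: str) -> list[Finding]:
    """Return one Finding per pattern match, line by line."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append(Finding(path, line_no, rule, redact(match.group(0))))
    return findings


def scan_tree(root: str) -> list[Finding]:
    """Walk a working tree and scan every readable text file."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            full = os.path.join(dirpath, name)
            try:
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    findings.extend(scan_text(full, fh.read()))
            except OSError:
                continue  # unreadable file: skip, do not abort the scan
    return findings


# Constructed sample config; the values are documentation-style placeholders,
# not real credentials.
SAMPLE_CONFIG = """# constructed example .env, not real secrets
GITHUB_TOKEN=ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghij0123
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
DATABASE_URL=postgres://app:hunter2@db.internal:5432/prod
LOG_LEVEL=debug
"""


if __name__ == "__main__":
    import sys

    # Scan a directory given on the command line, else the embedded sample.
    results = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_text(".env", SAMPLE_CONFIG)
    for f in results:
        print(f"{f.path}:{f.line_no}: {f.rule} ({f.redacted})")
    # Non-zero exit lets a pre-commit hook or CI job block the push.
    sys.exit(1 if results else 0)
```

Run it with no arguments to see the three findings in the embedded sample, or point it at a checkout to scan a real tree; wiring the exit status into a pre-commit hook or CI step is what turns it from a report into a control. Redacting matches in the output matters in practice, since scanner logs are themselves frequently shipped to places where a full token would be a second leak.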

A Mercedes-Benz representative confirmed that the leak occurred due to an employee's mistake. The compromised token was immediately revoked, and the repository was closed. The company emphasizes that protecting confidential data, products, and services is its top priority. An internal investigation has been launched, and the necessary measures will be implemented to prevent similar incidents in the future. [4]

It is still unknown whether any attacker managed to exploit the code published in September 2023. Mercedes-Benz representatives declined to comment on whether the company employs monitoring mechanisms to detect unauthorized access to internal systems, citing information security considerations. [5]

References:

  1. RedHunt Labs
