Nissan Source Code Leaked via Misconfigured Git Server
A misconfigured Git server has resulted in sensitive information pertaining to the company Nissan being leaked. The information exposed in the breach includes the source code of mobile apps, diagnostics tools, market research tools, and sensitive data. The Git server was left publicly exposed with a default username and basic password, admin/admin. The Git server has since been taken down.
The repository discovered by security researchers consisted of Nissan’s internal core mobile library, the Dealer Business System and Dealer Portal, information on client acquisition and retention tools, vehicle connected services, and other pieces of information valuable to hackers. Nissan confirmed the incident and reportedly launched an investigation into the leak.