RedHunt Labs Exposes Critical Data Breach at Mercedes-Benz
Automotive giant Mercedes-Benz narrowly avoided a significant leak of confidential internal data. Cybersecurity firm RedHunt Labs discovered that a Mercedes employee had inadvertently left a developer key publicly accessible online, offering unrestricted access to the source code of internal systems.
During routine internet monitoring in January, analysts stumbled upon an authorization token in a public GitHub repository. The token essentially bypassed the need for password entry, granting full access to the corporate GitHub Enterprise server. This meant that malicious actors could effortlessly download any of the private repositories.
Contained within these repositories were connection details for internal archives, cloud service access keys, blueprints, design documents, Single Sign-On (SSO) system passwords, API credentials, and other valuable information.
The exposed repositories included ones holding keys to Microsoft Azure and Amazon Web Services cloud services, an internal Postgres database, and the source code of Mercedes' own systems. It remains unclear whether any of the compromised resources contained customers' personal data.
A Mercedes representative confirmed that the leak occurred due to an employee’s error. The company promptly revoked the compromised token and closed the repository, affirming that safeguarding the company’s confidential data, products, and services is a top priority. An internal investigation has been initiated to prevent similar issues in the future.
It is unclear whether any malicious actors exploited the publicly exposed code, which had been published back in September 2023. Mercedes representatives declined to comment on whether the company uses technical monitoring tools that could detect unauthorized access to internal systems, citing information security reasons.
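The incident described above began with a GitHub token committed to a public repository. As an added illustration (not code from RedHunt Labs, Mercedes-Benz, or the original report), the following scanner flags lines that contain a value matching GitHub's documented token shapes (assumed here: a three-letter prefix such as `ghp_` followed by 36 alphanumerics, or `github_pat_` followed by 22, an underscore, and 59) and uses a Shannon-entropy floor to ignore obvious placeholders; the sample config and its tokens are constructed, not real credentials.

```python
import re
from math import log2

# GitHub token shapes (assumption: classic PAT / OAuth / app tokens are gh[pousr]_ + 36 chars;
# fine-grained PATs are github_pat_ + 22 chars + "_" + 59 chars). Lookarounds stop partial matches.
GITHUB_TOKEN_RE = re.compile(
    r"(?<![A-Za-z0-9_])(?:gh[pousr]_[A-Za-z0-9]{36}"
    r"|github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59})(?![A-Za-z0-9_])"
)


def shannon_entropy(s: str) -> float:
    """Bits per character: random token bodies score well above 3.0, templates like 'xxxx...' near 0."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * log2(c / n) for c in counts.values())


def mask(token: str) -> str:
    """Report only the prefix and last four characters so a finding does not re-leak the secret."""
    return token[:4] + "..." + token[-4:]


def find_github_tokens(text: str, min_entropy: float = 3.0) -> list:
    """Scan text (a file, a diff, a commit body) and return (line_no, masked_token) per likely live token.

    The entropy floor drops documentation placeholders while keeping real-looking secrets, which is
    the trade-off a pre-commit or CI secret scanner has to make to stay useful without false alarms.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in GITHUB_TOKEN_RE.finditer(line):
            token = m.group(0)
            body = token[len("github_pat_"):] if token.startswith("github_pat_") else token[4:]
            if shannon_entropy(body) >= min_entropy:
                findings.append((line_no, mask(token)))
    return findings


# Constructed sample config: line 2 is a documentation placeholder, line 3 a fake but realistic token.
SAMPLE_CONFIG = "\n".join([
    "# settings.ini (constructed example)",
    "GITHUB_TOKEN=ghp_" + "x" * 36,
    "GHE_TOKEN=ghp_Abc123Def456Ghi789Jkl012Mno345Pqr678",
])

if __name__ == "__main__":
    for line_no, masked in find_github_tokens(SAMPLE_CONFIG):
        print(f"line {line_no}: possible GitHub token {masked}")
```

Run against staged files in a pre-commit hook, the same check would have blocked the commit before the token reached a public repository; a positive finding should still be treated as a revoke-and-rotate event, since the secret has already touched the developer's history.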