Another security breach has leaked the source code of dozens of companies. These companies operate in various sectors from finance to manufacturing or video games. Apparently, everything is due to misconfigurations in their infrastructure.
This breach has resulted in the appearance of a public repository on GitLab in which we find code from major companies such as Microsoft, AMD, Mediatek, Nintendo and Disney, although the list keeps growing.
All of this has been obtained by Tillie Kottmann, a developer and expert in reverse engineering from various different sources due to different security or configuration flaws. Según los últimos datos del investigador de seguridad de Bank Security, tendríamos datos de más de 50 empresas en el repositorio, aunque no todas las carpetas cuentan con datos.
El responsable de la gran filtración incluso ha confirmado que encontró credenciales fácilmente accesibles, aunque en muchos casos han sido eliminadas para evitar que se pueda hacer un daño mayor. In addition, Kottmann también explica que no siempre se pone en contacto con las compañías afectadas para minimizar el efecto de una publicación online.
Las empresas implicadas están solicitando que se elimine la información revelada. In fact, todo lo filtrado sobre Daimler AG ya ha desaparecido del repositorio, de la misma forma que la información relacionada con Lenovo. Se estima que han sido hasta 7 the companies that have been contacted, so it gives the feeling that many haven't even realized the matter.
One of the companies that has had its data compromised has been Nintendo. In its folder we have source code, graphic prototypes of multiple games including Super Mario World, a Zelda remake 2 canceled, Super Mario 64 or The Legend of Zelda: Ocarina of Time and more files. In the case of Nintendo, it is being made known as Gigaleak on the Internet.