Finance

Bank Spills Internal Source Code and Credentials onto Internet

17 – 24 September 2019

Scotiabank, the third largest bank in Canada, has committed a major information security blunder that exposes a trove of internal source code and private login keys to backend systems.
Cyber_News_Finance

 

Scotiabank, the third largest bank in Canada, has committed a major information security blunder that exposes a trove of internal source code and private login keys to backend systems. The bank has misconfigured its GitHub repositories, leaving it accessible via the Internet. The repositories contain source code for Scotiabank’s mobile applications intended for Central and South America markets as well as login details to an SQL database system of foreign exchange rates. The GitHub repositories, which may be exposed for months, have since been secured after being notified.

 

References:

Scotiabank Slammed for 'Muppet-Grade Security' After Internal Source Code and Credentials Spill onto Open Internet

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence