Bank Spills Internal Source Code and Credentials onto Internet
Scotiabank, the third largest bank in Canada, has committed a major information security blunder that exposes a trove of internal source code and private login keys to backend systems. The bank has misconfigured its GitHub repositories, leaving it accessible via the Internet. The repositories contain source code for Scotiabank’s mobile applications intended for Central and South America markets as well as login details to an SQL database system of foreign exchange rates. The GitHub repositories, which may be exposed for months, have since been secured after being notified.
References:Scotiabank Slammed for 'Muppet-Grade Security' After Internal Source Code and Credentials Spill onto Open Internet
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services