Unprotected DevOps Infrastructure Disclosed Source Code of Companies

The source code of several bigger organizations has recently been leaked online and was found on the unprotected DevOps infrastructure. The list of the affected firms includes Microsoft, Johnson Controls, Adobe, GE, Lenovo, AMD, Motorola, Qualcomm, Disney, Mediatek, Daimler, Nintendo, and Roblox. It also has different organizations across industries like software, hardware, finance, healthcare, travel, and automotive.

Till Kottmann, a Swiss IT consultant has revealed a list of about 50 firms that had exposed
source code. For many of the organizations, the code has been taken off from the repository, and others still have it.

Most of the source code comes from inappropriately configured and exposed DevOps
infrastructure. The information primarily originates from the SonarQube instances, and also
from Jenkins and GitLab.

Source: Securityweek