Case Study

Breached Credentials Secured: Major UAE Real Estate Company's Sensitive Data Protected

Preventing unauthorized access to a real estate company’s sensitive data by securing leaked admin credentials from a public GitHub repository

The Customer

A major UAE real estate company

Industry

Real Estate

Geography

UAE

CloudSEK Product

Attack Vector

Exposed GitHub Repository

Use Case

Leakage of admin passwords and sensitive data through a public GitHub repository.

Challenge

CloudSEK’s contextual AI digital risk platform XVigil classified a GitHub repository as a high threat because it contained leaked code with an admin password to the house management tool, which granted access to all customer and house data.

This exposure posed a significant security risk, potentially allowing attackers to view and manipulate property details such as the selling price difference between two similar properties, customer PII, and company financial projections.

The leaked code also contained the PostgreSQL server IP and password, along with the Salesforce Admin password and API key. This could allow threat actors to access all of the Salesforce PostgreSQL data.

Impact

Unauthorized access to sensitive data could lead to privacy violations, financial fraud, and competitive disadvantages.

Attackers could view sold property details, buyer information, unsold property statistics, and access customer identification details.

Furthermore, access to the PostgreSQL server and Salesforce data could result in phishing attacks, identity theft, and ransomware attacks.

Solution

CloudSEK XVigil promptly identified and secured the exposed GitHub repository, ensuring that sensitive data was protected and access was restricted.

Implementation:

Detection:

  • CloudSEK XVigil discovered the public GitHub repository containing sensitive admin passwords and access details.

Threat Analysis:

  • Identified the risks associated with the exposed admin password and access to customer and house data.
  • Assessed the potential for unauthorized access to financial data, sales projections, and business plans.

Immediate Actions:

  • Secured the exposed GitHub repository to prevent further unauthorized access.
  • Revoked and rotated the leaked credentials, updating dependent services.
  • Removed sensitive data from the repository's history.

Preventive Measures:

  • Enhanced monitoring of network traffic and user activity to detect and prevent unauthorized access.
  • Strengthened security policies and educated users on best practices for handling sensitive information.
  • Implemented multi-factor authentication (MFA) and secure storage solutions for sensitive data.