CAse Study

CloudSEK SVigil helped a Major Private Bank to Secure Leaked Credentials and Personnel Data

Ensuring the security of a major private bank by addressing a critical Git misconfiguration.

the customer

A Major Private Bank

Industry

Banking

Geography

Global

CloudsEK Product
SVigil
SVigil
Modules
Web App Scanner
Attack vector

Misconfigured Git

USe Case

Exposure of backend source code and sensitive information due to a third-party vendor misconfiguration.

Backend PHP source code exposed

due to misconfigured .git file

Unauthorized access to cloud infrastructure

by unauthorized parties prevented

Data breach averted

through timely remediation

Ready to get started?

Request a Demo

The Challenge

CloudSEK SVigil identified a critical security flaw in a financial and software services company's system, caused by a misconfigured .git file exposing backend PHP source code. This allowed for the recreation of files and folders using external tools.

The Impact

Compromised AWS credentials allow attackers to access and manipulate an organization's cloud infrastructure, including sensitive data and critical systems. This breach can lead to account hijacking, unauthorized configuration changes, and resource deletion. The resultant loss of infrastructure control poses severe security risks, including data breaches and operational disruptions, highlighting the need for robust cybersecurity measures.

The Remediation

  1. Corrected the .git File Configuration by Identifying, Removing, and Restricting Access
  2. Enhanced Repository Access Controls and Permissions by Auditing and Updating
  3. Strengthened Authentication Measures by Introducing MFA and Enforcing Strong Passwords