TheCruiseCtrlr
Menu
  • Cart
  • Checkout
  • My account
  • Shop
Menu

BMW Exposed: Cloud Storage Misconfiguration Exposes Sensitive Data

Posted on February 27, 2024February 27, 2024 by thecruisectrlr

A security researcher recently discovered a misconfigured cloud storage server linked to automotive giant BMW, inadvertently exposing sensitive company information. Can Yoleri, from SOCRadar, found the Microsoft Azure-hosted storage server, intended for BMW’s development environment, mistakenly set to public access due to misconfiguration.

Yoleri revealed that the exposed storage bucket contained script files disclosing Azure container access details, secret keys, and credentials for accessing private bucket addresses and other cloud services. Screenshots uncovered private keys and login credentials for BMW’s cloud services across regions like China, Europe, and the United States.

While the extent and duration of the exposure remain uncertain, BMW confirmed remedial action, affirming no customer or personal data was affected. However, details regarding the duration of exposure and potential malicious access remain unclear. Despite making the bucket private post-discovery, BMW has yet to revoke or modify the compromised access keys, raising concerns about lingering vulnerabilities.

This incident echoes a similar security lapse by Mercedes-Benz last month, underscoring the imperative for robust cybersecurity measures in the automotive industry.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Hyundai Motor Group Surpasses Volkswagen in Q1 2024 Operating Profit Race
  • Navigating Electric Vehicle Demand Fluctuations: Seizing Opportunity with Tesla Model Y Deals
  • Subaru Accelerates Electric Vehicle Plans with Toyota Partnership
  • Bugatti’s Next-Gen Supercar: What We Know So Far
  • Tesla Rehires Some Supercharging Team Members After Mass Layoff

Archives

  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • November 2023

Categories

  • Blog
RSS
Twitter
Visit Us
Follow Me
©2025 TheCruiseCtrlr | Theme by SuperbThemes