Source Code for Disney, Microsoft, Nintendo Leaks Online
Source code from Disney, Microsoft, Nintendo and 50 other companies was leaked online. This makes their internal source codes available for anyone online.
Others that were affected by the online leak are Adobe, Lenovo, Mediatek, Roblox and many more from different fields, like tech, finance, food, retail to name a few, said tech site Bleeping Computers.
Swiss developer Tillie Kottmann managed to pull source code from the companies because of insecure DevOps applications, said Business Insider. The leak then left proprietary company information exposed.
Kottmann posted the code on GitLab, an online repository manager that anyone can gain access to. A link to it was also posted on Twitter.
Kottmann is a developer and reverse engineer. They pulled from various sources and searched for DevOps tools that offer access to source code.
Bank Security, a researcher on banking threats and fraud, said that more than 50 companies had their code published, though not all of the folders that were posted are populated. They also said credentials can be seen in some cases.
The developer admitted that they don't always contact the companies involved in the leak before releasing the code but they try to keep the bad impact of their posts at a minimum.
"I try to do my best to prevent any major things resulting directly from my releases," Kottmann said.
Other people also helped in this project, both in direct and indirect ways. They helped Kottmann better understand the nature of their findings.
Complies to Takedowns
Kottmann said they can comply with requests for a takedown and they will "gladly provide" information on how to make companies more secure.
One leak from the Daimler AG corporation that is behind the Mercedes-Benz brand can't be found any more. There is also an empty folder that has "Lenovo" in its name.
But many of the companies may not know there is a leak in the first place. DMCA notices are only estimated at about seven and direct contact from legal and other company representatives show no sign that companies know about the leak.
Kottmann's pinned tweet is also asking for confidential information, documents or source code that people think has to be available to the public. The user said they can discuss how to safely release such information.
Their Twitter bio also reads: "probably leaking your source code right now."
GigaLeak Gains Gaming World Attention
The leaked code from Nintendo, dubbed as the "GigaLeak", was of interest to the gaming world. It gives an inside look at the source code that brought the company's classic games, Polygon reports.
Most of the leak was done in two big chunks. It has one for Super NES games and one more for Nintendo 64 games. It also has the source code for Super Mario Kart, The Legend of Zelda: A Link to the Past, and Yoshi's Island.
This means people can look at the games' original code. These are the sorts of files that the public does not have access to or never gets to see because parts of games that can be played is very different from what developers use to build them.
According to Forbes, this isn't the only leak that Nintendo has faced for the last few months.
Security Concerns
In a Tom's Guide article, security specialist Jake Moore said the leak could allow cyber attackers to gain easier access to private company information.
"Losing control of the source code on the internet is like handing the blueprints of a bank to robbers," Moore said.
Want to read more? Check these out!
Big Techs Alleged of Bullying Small Techs, Congress Hearing With Top Tech CEOs Postponed
IO Scout FBA Calculator - 2020 Review
Is It Safe to Own Used or Refurbished Phones? Here Are The Things You Should Know