Hacker got access to internal Comodo files via leaked password

Get a free Techzine subscription!

A hacker has been able to access Comodo’s internal files and documents by using an email address and a password that had accidentally ended up on the Internet. Comodo is a security company that issues SSL certificates.

The login details were stored in a public GitHub repository that erases the property of a Comodo software developer itself, writes TechCrunch. The hacker used this data to log into the company’s cloud services hosted by Microsoft. The account did not appear to be protected by a two-step verification.

Report created

The login details were also found by Dutch security researcher Jelle Ursem, who contacted Vice President Rajaswi Das of Comodo via WhatsApp. A day later, the password was revoked.

Ursem says he was able to access Comodo’s internal files through the account, including sales documents and spreadsheets that were in the company’s OneDrive. He was also able to look at an organisation chart on SharePoint, which contained the biographies of teams and contact information.

Ursem also shared screenshots with TechCrunch of folders containing agreements and contracts with various customers. Those files had the name of customers in their name. These include hospitals and American state governments.

Hacker

According to Ursem, he’s not the first to find the login details. This account has already been hacked by another person, who is going to send spam, according to the Dutchman. He therefore shared a screenshot with TechCrunch of the spam mail sent, claiming that a tax refund from the French government was available.

A spokesman for Comodo states that the account was an automated account for marketing and transactional purposes. The data viewed has not been manipulated. Within a few hours after we were informed by the researcher, the account was taken offline.

Ursem himself says he’s surprised by the login details he found. Since they are a security company and issue SSL certificates, you would think that the security of their own environment is paramount.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.