Famous car manufacturer Nissan North America suffered a data leak due to default credentials. The company left an exposed Git server protected with default access credentials admin:admin. As a result, multiple code repositories from Nissan NA became public.
The data collection is around 20 gigabytes large. It contains source code for mobile apps and various internal tools for diagnostics, client acquisition, market research, etc. According to the reverse engineer Tillie Kottmann, who is a maintainer of a repository of leaked source code from various sources, data collection contains Nissan NA Mobile apps, parts of the ASIST Diagnostic System software, Dealer Business Systems/Dealer Portal, Nissan internal core mobile library, Nissan/Infiniti NCAR/ICAR services, client acquisition and retention tools, sale/market research tools and data, marketing, backends and internal tools, vehicle logistics portal, and vehicle connected services/Nissan connect things.
On Tuesday, company has taken the unprotected server down before news about the leakage came to light. Two days later, company contacted Kottmann and asked for removing their leaked repositories. An engineer usually complies with takedown requests and took the repositories down.