According to TechCrunch, a configuration error occurred in BMW's cloud storage server, exposing the company's sensitive information, including private keys and internal data.

Security researcher Can Yoleri of threat intelligence company SOCrdar said that he discovered the exposed BMW cloud storage server during a regular scan of the Internet. Yoleri said that Microsoft's Azure managed storage server (also known as " bucket " was exposed in BMW's development environment ) " was accidentally configured as a public server instead of a private server due to a configuration error. The bucket contains " script files, including Azure container access information, Keys to access private bucket addresses and details of other cloud services. ”

It is understood that the exposed data includes private keys for BMW's cloud services in China, Europe and the United States, as well as login credentials for BMW's production and development databases.

BMW spokesman Chris Overall confirmed to the media that the data exposure affected the Microsoft Azure bucket based on the storage development environment, and said that no customer or personal data was affected. The spokesperson added: "The BMW Group has fixed this issue in early 2024 and we will continue to monitor the situation together with our partners."

Open the Bitauto App and search for "real 100,000 kilometers long test" to see the most authentic vehicle long test report.

Editor: Wu Haotian