ADVERTISEMENT

Swiss real estate agency fails to put a password on its systems

Neho, a Switzerland-based real estate agency, leaked credentials recently, potentially allowing threat actors to prey on sensitive data about the company and its clients.

Image by Cybernews

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
May 30, 2023 Updated: 1 June 2023 4 min read
  • A misconfiguration of Swiss real estate agency Neho’s systems exposed sensitive credentials to the public.
  • Using leaked data, threat actors could potentially breach the company’s internal systems and hijack official communication channels.
  • Real estate agencies handle sensitive data, including customers' personally identifiable information, bank account details, and other data highly valued by cybercriminals. Ensuring cybersecurity is vital.
  • Cybernews reached out to Neho and the company fixed the issue.

Public access to the company’s systems

Leaked environment file | Image by Cybernews
Leaked environment file | Image by Cybernews
  • PostgreSQL database host, port, name, and password
  • Redis database host, port, and password
  • Mailgun host, username, and password
  • Postmark API and SMTP credentials
  • AWS Bucket access key ID and secret
  • Twilio Account credentials
  • Aircall API and tokens
  • Elastic search AWS credentials
  • Google Client ID and Secret
  • Facebook Client ID and secret
  • Trustpilot API key and secret
  • Pricehubble credentials
  • Movu.ch token
  • Canny ID, keys and tokens
  • TravelTime API

Corporate communication channels at risk

ADVERTISEMENT
Image by Cybernews
Leaked environment file | Image by Cybernews
Leaked environment file | Image by Cybernews
Leaked environment file | Image by Cybernews

What’s at stake?

The company’s response

How to avoid the risks?

  • Avoid using the "root" user: Operating as the "root" user can pose security risks, so Neho should avoid using this user account whenever possible.
  • Keep databases shielded: Neho's databases should be protected from the public internet. This can be achieved by placing them behind a firewall or a virtual private network (VPN) to enhance their security.
  • Implement role-based access controls: It is important to establish access controls based on user roles. Each user should have appropriate privileges, allowing them to access only the necessary information.
  • Secure remote database access: If there’s a need to access the database over the internet, strict authentication measures should be implemented to ensure that only authorized individuals can access it.
  • Utilize multi-factor authentication (MFA): Neho should employ MFA, which requires an additional authentication method in addition to login credentials. This way, even if attackers manage to obtain valid login credentials, they would still need the second authentication factor to gain access.
ADVERTISEMENT