ADVERTISEMENT

Russian electronics giant hit by data leak

Pult.ru leaked credentials, potentially allowing threat actors to breach internal networks and putting both the company and clients at risk.

Pult.ru data leak
Paulina Okunytė
Paulina Okunytė Senior Journalist
May 25, 2023 3 min read
  • Pult.ru is a well-known electronics retailer in Russia specializing in high-fidelity (Hi-Fi) electronics and acoustics, musical instruments, and vinyl records.
  • The Cybernews research team discovered a publicly accessible environment file (.env) that exposed sensitive credentials.
  • Leaked credentials might have allowed access to the company’s business automation systems and source code.
  • By exploiting the leaked data, threat actors could potentially craft targeted social engineering, malware, and ransomware attacks, or take over the instance.
  • Cybernews contacted Pult.ru and the company fixed the issue.

Open gateway to business secrets

Pult.ru environment file exposed
The exposed environment file
Pult.ru environment file exposed
The exposed environment file
ADVERTISEMENT

Access to Telegram and Sbermegamarket

Access to the source code

Git configuration file exposed
The exposed Git configuration file

Dangers of the leak

ADVERTISEMENT