A few years ago, the car manufacturer Nissan was temporarily forced to shut down the app that car owners use to remotely control the electric car Leaf. It was revealed that anyone could change the car’s settings without using a password.
Now the so-called source code for several of the apps and internal tools that Nissan in North America uses has been leaked online. The code was on a server that could be accessed externally by mistake. Nissan has used “admin” as both a username and password – a combination that is notoriously insecure and should be changed as soon as a server is put into operation.
The server contained, among other things, the code for car owners’ mobile apps, diagnostic tools, the dealer portal, sales tools, and a tool for car logistics.
Nissan says that they are taking the problem seriously and that they will investigate what happened. No information about individual customers or employees should have been leaked.
“We are confident that there is no information in the leaked code that exposes our customers or their cars to danger,” Nissan told to the site ZDNet.
