
Cybersecurity Firm Discovers Sensitive Data Exposure in Critical Sectors

Key Metrics

  • Heat Index: 15.59
  • Impact Level: Medium
  • Scope Level: Global
  • Last Update: 2025-11-27

Key Impacts

Positive Impacts (5)
  • Cybersecurity Sector
  • CrowdStrike Holdings Inc.
  • Global X Cybersecurity ETF (BUG)
  • Palo Alto Networks Inc.
  • Cyber-Insurance Providers

Negative Impacts (6)
  • Utilities / Critical-Infrastructure Sector
  • Telecom Sector
  • Okta Inc.
  • Cloud Service Providers Sector
  • Microsoft Corp.
  • American International Group (AIG)

Total impacts: 11 | Positive: 5 | Negative: 6

Event Overview

The exposure of sensitive data, including passwords and API keys, by organizations in critical sectors highlights the vulnerability of online tools. This incident underscores the risks associated with improper handling of authentication information, potentially leading to unauthorized access and security breaches.

Collect Records
Sensitive Passwords and API Keys Exposed by Organizations in Sensitive Sectors
2025-11-27 08:24

New research from cybersecurity firm WatchTower Labs has revealed that organizations in sensitive sectors, including governments, telecoms, and critical infrastructure, have exposed thousands of passwords and API keys by pasting them into online tools like JSONFormatter and CodeBeautify. The firm discovered over 80,000 files on these sites, containing numerous usernames and passwords.

The leaked data includes a wide range of sensitive information, such as repository authentication keys, Active Directory and database credentials, FTP and cloud environment keys, LDAP configurations, helpdesk and meeting room API keys, SSH session recordings, and personal information. The total amount of leaked data is over 5GB, including five years of historical JSONFormatter content and one year of historical CodeBeautify content.

These tools allow users to save and share JSON structures or code via a URL. The saved links are listed on a 'Recent Links' page and follow a predictable format, making them vulnerable to being harvested by malicious actors using simple web crawlers.

A cybersecurity company inadvertently exposed sensitive information, including Jenkins secrets, encrypted credentials, KYC data for a bank, AWS credentials linked to Splunk and Active Directory, and credentials for a major financial exchange. The company uploaded fake AWS access keys, which were targeted by bad actors within 48 hours, indicating active threats.
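An added example, not from the original article or from the researchers: a local check that flags credential-like entries in a JSON document and redacts them before the document is pasted into any online formatter. The key-name list, the value patterns, and the sample document are assumptions constructed for illustration.

```python
import json
import re

# Key names that usually hold credentials (assumed list; extend for your environment).
SENSITIVE_KEYS = re.compile(r"(pass(word|wd)?|secret|token|api[_-]?key|private[_-]?key|credential)", re.I)
VALUE_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b"),
    "pem_private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "url_with_password": re.compile(r"\b[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I),
}

def find_secrets(node, path="$"):
    """Walk parsed JSON and return (json_path, reason) for each suspicious entry."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if SENSITIVE_KEYS.search(key) and isinstance(value, str) and value:
                findings.append((child, "sensitive key name"))
            findings.extend(find_secrets(value, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings.extend(find_secrets(item, f"{path}[{i}]"))
    elif isinstance(node, str):
        for name, pattern in VALUE_PATTERNS.items():
            if pattern.search(node):
                findings.append((path, name))
    return findings

def redact(node, flagged, path="$"):
    """Return a copy of the document with every flagged path replaced by a placeholder."""
    if path in flagged:
        return "<REDACTED>"
    if isinstance(node, dict):
        return {k: redact(v, flagged, f"{path}.{k}") for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v, flagged, f"{path}[{i}]") for i, v in enumerate(node)]
    return node

# Constructed sample; AKIAIOSFODNN7EXAMPLE is the example key ID from AWS documentation.
SAMPLE = json.loads("""{
  "db": {"host": "db.internal.example", "user": "svc", "password": "hunter2-constructed"},
  "aws": {"access_key_id": "AKIAIOSFODNN7EXAMPLE", "region": "eu-west-1"},
  "ldap": ["ldap://binduser:constructed-pw@ldap.example:389/dc=example"]
}""")

if __name__ == "__main__":
    hits = find_secrets(SAMPLE)
    print(hits, json.dumps(redact(SAMPLE, {p for p, _ in hits}), indent=2), sep="\n")
```

A clean result only means none of these patterns matched; formatting the document locally avoids the upload altogether.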
