South Korea's Personal Information Protection Commission Calls for Enhanced Cloud Credential Management
2026-06-15 17:21

en.Wedoany.com Reported - Following a recent spate of incidents caused by credential leaks in cloud and development collaboration tools, South Korea's Personal Information Protection Commission (PIPC) has urged companies to strengthen credential management.

In one case, attackers gained access to a GitHub account via spear-phishing emails, subsequently obtained AWS access keys, and accessed approximately 2.4 million pieces of personal information from an internal database. In another incident, attackers retrieved database connection information stored in plaintext on GitHub, leading to the leak of about 420,000 pieces of personal information. Additionally, there was an incident where exposed AWS access keys on GitHub resulted in the leak of 10 million pieces of personal information.

When credentials are exposed in code repositories or collaboration tools, attackers can exploit them to gain unauthorized access to personal information processing systems, databases, and cloud services, triggering large-scale personal data breaches. According to a Google Cloud survey, 47.1% of intrusion incidents are caused by credential leaks; SentinelOne notes that 68% of companies consider cloud account hijacking their biggest security threat.

If developers store credential information in source code for management convenience, attackers may use that information to access personal information processing systems. The PIPC recommends that companies adopt the following protective measures: configure and manage source code to prevent credentials such as access keys, passwords, and API keys from being stored or exposed; use temporary credentials instead of long-term ones so they automatically expire after a certain period; restrict the IP addresses and network ranges where credentials can be used to prevent unauthorized external use; apply multi-factor authentication (MFA) to major systems such as databases and cloud management consoles, and grant access based on the principle of least privilege; regularly review credential usage records and immediately revoke unnecessary or long-unused access permissions.

Yang Cheong-sam, Secretary General of the PIPC, stated that in a cloud environment, a single credential such as an access key, database account, or API key can provide access to critical systems, making secure account and permission management essential. He urged companies to manage credentials properly, avoid storing them in source code or development collaboration tools, and prevent personal data leak incidents by using temporary credentials and strengthening access controls. He also emphasized that if credentials are accidentally uploaded to a code repository, even after deletion from the workspace, the information may still remain in configuration management history; the compromised credentials should be immediately discarded and replaced with newly issued ones.
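The point about history can be checked mechanically. The following is an added example, not part of the original report or any PIPC material: it scans `git log -p --reverse` output for AWS access key IDs and passwords embedded in connection URLs, and reports whether each was later deleted from the working files. The sample log, the function name `scan_history`, and the two patterns are assumptions made for illustration, and a linear history is assumed.

```python
import re

# Constructed `git log -p --reverse` output (oldest commit first). The key is
# AWS's documentation placeholder; the hashes, host and password are made up.
SAMPLE_LOG = """\
commit 1111111
diff --git a/config.py b/config.py
--- /dev/null
+++ b/config.py
@@ -0,0 +1,2 @@
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+DB_URL = "postgresql://app:s3cretpw@db.internal:5432/users"
commit 2222222
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,2 +1,2 @@
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
 DB_URL = "postgresql://app:s3cretpw@db.internal:5432/users"
"""

PATTERNS = {
    # Long-term AWS access key IDs start with AKIA, temporary (STS) ones with ASIA.
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    # scheme://user:password@host inside a connection URL.
    "db_url_password": re.compile(r"\b\w+://[^\s:/@\"']+:[^\s@\"']+@[^\s\"']+"),
}

def scan_history(log_text):
    """Return one finding per secret ever committed; every finding needs rotation."""
    findings = {}  # (kind, value) -> finding
    commit = path = None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("--- "):
            continue  # old-file header, not a removed content line
        elif line.startswith(("+", "-")):
            for kind, rx in PATTERNS.items():
                for value in rx.findall(line[1:]):
                    key = (kind, value)
                    if line[0] == "+":
                        findings.setdefault(key, {"kind": kind, "value": value,
                            "path": path, "added_in": commit})["still_in_head"] = True
                    elif key in findings:
                        # Deleted from the files, but the earlier commit still holds it.
                        findings[key]["still_in_head"] = False
    return list(findings.values())
```

A finding with `still_in_head` set to `False` is the case described above: the credential is gone from the current files yet remains recoverable from the earlier commit, so it still has to be revoked and reissued.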

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com