"Peugeot Leaks Access to User Information in South America"

Stellantis' French automobile brand Peugeot exposed its customers in Peru, a South American country with a population of roughly 34 million. Although the country is not a particularly significant market for the automaker, this discovery is yet another example of how well-known brands fail to secure sensitive data. The Cybernews research team found an exposed environment file (.env) on the official Peugeot store for Peru on February 3. The exposed file contained a full MySQL database Uniform Resource Identifier (URI), a unique sequence of characters identifying a resource, and the username and password to access it. The file also contained a JSON Web Token (JWT) passphrase and the locations of private and public keys, in addition to a link to the site's git repository and a Symfony application secret. This article continues to discuss the exposed environment file hosted on the official Peugeot store for Peru and the potential impact of this leak. 

Cybernews reports "Peugeot Leaks Access to User Information in South America"