Comodo server password was stored in clear text
Comodo is a major provider of SSL security certificates. But they had problems with their security.
The email address email and password to the company’s cloud storage. The repository is owned by a Comodo developer.
Sales documents, customer information (phones, emails), team calendars, reports of other Comodo vulnerabilities, and other files were stored there.
It turned out that the detected email and password were used more than once. But fortunately, no private keys of client certificates were found on the server.
The access data to the server has already been changed, but the imprint on the company’s reputation has appeared. Because they have to ensure the safety of customers, but cannot provide their own.