Widely known Chinese cybersecurity company TopSec has been impacted by a data leak revealing more than 7,000 records shedding light on its likely role in the Chinese government's internet censorship efforts, Hackread reports.
Aside from including employee work logs, infrastructure administration commands, and hardcoded credentials, TopSec's "very large" and "disorganized" data dump also had files describing its participation in the Bureaus of the Ministry of Public Security's projects tracking website security and content, according to an analysis from SentinelOne's SentinelLabs researchers.
"It is highly likely that we have not identified all capabilities outlined in the leak. Our analysis approach focused on translating the Chinese language content, identifying known technologies, and identifying interesting references in the commands and API JSON artifacts," said the report.
Such findings — which follow U.S. sanctions against Chinese cybersecurity firms Integrity Technology Group and Sichuan Silence — should prompt an increased focus on secure coding and robust credential management.
