An exposed password let a hacker access internal Comodo files

A hacker gained access to internal files and documents owned by security company and SSL certificate issuer Comodo by using an email address and password mistakenly exposed on the internet.
The credentials were found in a public GitHub repository owned by a Comodo software developer. With the email address and password in hand, the hacker was able to log into the company’s Microsoft-hosted cloud services. The account was not protected with two-factor authentication.
Jelle Ursem, a Netherla