DataSafe Applications Pty Ltd, an Australian company that provides a comprehensive, one-stop software solution for the financial services and lending industry, has allegedly become the victim of a significant data breach. An actor on a hacking forum has claimed to have leaked the complete source code for the company’s platform, DataSafeApps.com.au. The company, which offers services like a fully-integrated Loan Management System (LMS), secure document signing, and client tracking, is a critical vendor for lenders, brokers, and law firms, primarily in Australia.
The alleged breach could have severe implications for DataSafeApps and its clients. The company’s platform is designed to handle highly sensitive financial and personal information, boasting features like blockchain security and end-to-end accounting. The exposure of the full source code could allow malicious actors to analyze the application for critical vulnerabilities, potentially leading to unauthorized access to the sensitive data of the businesses and individuals that rely on their system. The leaked files allegedly include critical components of the application’s infrastructure.
Some of the allegedly exposed file and data types include:
- Login and password reset functionalities
- Database administration tools (phpmyadmin)
- API endpoints
- PDF and Excel generation scripts
- Core application logic and configuration files
- Client-side and server-side scripts
