"AWS access key with full administrative privileges ... was inadvertently committed to software code in a private repository on GitHub ... another team member failed to fully disable and remove the key after creating a replacement one"

https://www.channelnewsasia.com/singapore/shopback-fined-data-leak-million-customers-personal-3705006