The Broadband Guide
SG
search advanced

SMS breach reveals millions of personal details

2018-11-19 15:12 by
Tags:

 

A massive data breach has exposed tens of millions of SMS text messages. The breach involved a database of 26 million text messages, some of which included private customer data like password reset information, shipping notifications and two-factor authentication (2FA) codes.

The issue has been noticed by a security researcher out of Berlin named Sebastien Kaul. Using Shodan, a database search engine, Kaul found the database with the messages on a server belonging to Voxox, a communications company based in San Diego. The server wasn't protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages.

Among the data were two-factor authentication (2FA) messages allowing Booking.com partners to log into their company's extranet network, a password sent in plaintext to a Los Angeles phone number by dating app Badoo, and Huawei ID and Microsoft account password reset codes. There were also messages from Yahoo account keys, and user verification from other apps like KakaoTalk, Viber, and online quiz app HQ Trivia.

Using 2FA is generally regarded as a superior way of securing an account than using a password alone, but even adding that extra layer of security comes with its own unique risks.

Read more -here-

 

  User Reviews/Comments:
    rate:
   avg:
by htos1 - 2018-11-21 07:25
Never used any of those apps.
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About