Millions of SMS messages exposed in database security lapse

Tens of millions of SMS messages have been found on an unprotected database, putting the private data of hundreds of millions of people in the United States at risk for theft or exposure and leaving a communications company open for potential intrusion, security researchers discovered. Security researchers Noam Rotem and Ran Locar discovered the exposed database last month, which allowed anyone to read entire chains of conversations.

The database is run by TrueDialog, a business SMS provider for businesses and higher education providers, which lets companies, colleges, and universities send bulk text messages to their customers and students. The Austin, Texas-based company says one of the advantages to its service is that recipients can also text back, allowing them to have two-way conversations with brands or businesses.

The database is hosted by Microsoft Azure and runs in the U.S. on the Oracle Marketing Cloud. It contains 1 billion entries adding up to 604GB of data. This data includes information about TrueDialog's business, its business clients and the latter's customers. All of this information could have been used by bad actors to steal identities and money from those with information exposed in the breach. Additionally, all of this data could have been sold to marketers and scammers. Knowing all of this information would make it easier for bad actors to engage in phishing schemes.

Read more -here-

• British regulator tells Facebook owner to sell Giphy
• Chinese province targets journalists and students in planned surveillance system
• Spotify tests a TikTok-like vertical video feed in its app
• First submarine cable between Europe and South America goes live
• T-Mobile to pay $20M settlement after 911 outage
• Apple sues Israeli spyware developer NSO Group