Millions of SMS messages exposed in database security lapse

Tens of millions of SMS messages have been found on an unprotected database, putting the private data of hundreds of millions of people in the United States at risk for theft or exposure and leaving a communications company open for potential intrusion, security researchers discovered. Security researchers Noam Rotem and Ran Locar discovered the exposed database last month, which allowed anyone to read entire chains of conversations.

The database is run by TrueDialog, a business SMS provider for businesses and higher education providers, which lets companies, colleges, and universities send bulk text messages to their customers and students. The Austin, Texas-based company says one of the advantages to its service is that recipients can also text back, allowing them to have two-way conversations with brands or businesses.

The database is hosted by Microsoft Azure and runs in the U.S. on the Oracle Marketing Cloud. It contains 1 billion entries adding up to 604GB of data. This data includes information about TrueDialog's business, its business clients and the latter's customers. All of this information could have been used by bad actors to steal identities and money from those with information exposed in the breach. Additionally, all of this data could have been sold to marketers and scammers. Knowing all of this information would make it easier for bad actors to engage in phishing schemes.

Read more -here-

• Amazon Web Services experiencing widespread outage
• OneWeb emerges from Chapter 11 and recommences satellite launches
• Comcast extends 1.2TB monthly Xfinity data cap to nearly all customers
• Google is testing end-to-end encryption in Android Messages
• Apple to pay $113m to settle iPhone 'batterygate'
• Bitcoin price hits $18,000, the highest level since 2017