This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
12/05/2019
Tens of Millions Exposed by SMS Data Leak
Info Security
Tens of millions of Americans may have been caught in another data leak after business SMS provider TrueDialog left a massive database exposed online, according to researchers.
The team at vpnMentor discovered the Oracle Marketing Cloud database hosted on Microsoft Azure in the US. It was apparently left wide open, exposing 604GB — or one billion entries — of sensitive information.
“It’s difficult to put the size of this data leak into context. Tens of millions of people were potentially exposed in a number of ways. It’s rare for one database to contain such a huge volume of information that’s also incredibly varied,” vpnMentor claimed.
“The database contained entries that were related to many aspects of TrueDialog’s business model. The company itself was exposed, along with its client base, and the customers of those clients.”
TrueDialog’s clients are mainly businesses and higher education institutions, which use its services to send out bulk marketing missives and alerts to their customers/students.
The leak exposed the full names, email addresses and phone numbers of SMS recipients as well as the content of messages, plus clear-text and easily decryptable base64-encoded account log-ins for TrueDialog clients.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information