Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

admin
Pinned October 29, 2020

<> Embed

@  Email

Report

Uploaded by user
Cloud leak exposed sensitive data from over 200,000 voicemails
<> Embed @  Email Report

Cloud leak exposed sensitive data from over 200,000 voicemails

Jon Fingas, @jonfingas

October 17, 2020

Some data leaks contain more sensitive info than most. Security researcher Bob Diachenko and Comparitech discovered (via Threatpost) that Broadvoice, a cloud VoIP provider for businesses, left over 350 million records exposed online in an unprotected cluster, including 2 million voicemail records with 200,000 transcripts. Many of those transcripts included sensitive data, and not just common elements like names and phone numbers — medical conditions, mortgages and insurance policies were all left open.

The largest general data collection, 275 million records, typically included full names, phone numbers, and cities.

The company told Comparitech that the data had been stored on September 28th and was locked down October 2nd, a day after Diachenko notified Broadvoice. There hasn’t been evidence of “misuse” so far, the company said. Marketing VP Rebecca Rosen told Threatpost that it believed “less than 10,000” businesses were impacted, although that doesn’t say how many of those companies’ customers were at risk.

The practical damage appears to have been limited as a result. Even so, this illustrates the dangers of insecure data. The wrong decision can expose vast amounts of info, and it can only take a subset of that data to create serious problems.

Engadget RSS Feed

(14)