Another day, another breach. A security breach of a Voxox server has exposed the database containing tens of millions of text messages. The exposed server belongs to the California-based communications company. According to TechCrunch, the server was not protected with a password, allowing any miscreant to snoop on the data, including real-time conversations.
The server was found on Shodan, which is a search engine for publicly available devices and databases. It was also attached to one of Voxox’s own subdomains. The worst part is that the server was running on Amazon’s Elasticsearch, making the data within easily readable and searchable for specific details.
TechCrunch’s investigation into the matter found that the database appeared to have a little over 26 million text messages year-to-date. However, it is likely the figure may be higher. The compromised data also included details on two-factor authentication code. The company is reportedly looking into the matter.