IdentifyMobile incident exposed 200M records from hundreds of companies
IdentifyMobile incident exposed 200M records from hundreds of companies
IdentifyMobile incident exposed 200M records from hundreds of companies
Despite using passwords and SMS-based one-time passwords, access to your online banking account, private email, or social media profiles could be
British bulk SMS provider IdentifyMobile exposed 200M records because a developer misconfigured an AWS S3 bucket and made it public. A research group from Germany spotted the issue and were able to access more than six terabytes of data. The said data included not only SMS message content but also phone numbers, sender names, and sometimes other account information.
Twilio also recently disclosed a security incident in relation to this news, but their alert email completely downplayed the level of data that was available from this AWS bucket.