An open database at text messaging solution company TrueDialog left user SMS messages exposed for months, putting nearly a billion records and “millions of Americans at risk,” according to the researchers who discovered the database, hosted by Microsoft Azure and running on the Oracle Marketing Cloud in the U.S. In addition to private text messages, the vpnMentor research team, led by Noam Rotem and Ran Locar, found millions of account usernames and passwords, as well as PII of TrueDialog users and their customers, adding up to 604 GB of data. The researchers had no difficulty in determining the database was owned by TrueDialog – a company that provides SMS solutions for businesses and has more than 5 billion subscribers globally – because its host ID “api.truedialog.com” appeared throughout.
Source: SC Magazine
