A leaky database of SMS text messages exposed password resets and two-factor codes
Zack Whittaker reports:
A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more.
The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-realtime stream of text messages.
For Sébastien Kaul, a Berlin-based security researcher, it didn’t take long to find.
Read more on TechCrunch.