Bob Diachenko of Kromtech Security reports:
One of the top companies that provides cloud-based unified communications has just leaked more than 600GB of sensitive files online.
The Kromtech Security Center has discovered not just one but two cloud-based file repositories (AWS S3 buckets with public access) that appear to be connected to the global communication software and service provider BroadSoft, Inc.
In short, the repository contained a massive amount of sensitive information, and researchers estimate it would take weeks to fully sort through all of the data. The most potentially damaging discovery was the fact that it contained internal development information such as SQL database dumps, code with access credentials, access logs and more. These are all things that should not be publicly available online. The two repositories contained thousands and thousands of records and reports for a number of BroadSoft clients, with Time Warner Cable (TWC) appearing to be the most prominent and including applications like Phone 2 Go, TWC app, WFF etc.
Much of the internal development data apparently saved by BroadSoft engineers related to Time Warner Cable and Bright House Networks (BHN/Charter). For example, the “User Profile Dump, 07-07-2017” text file contains more than 4 million records, spanning the time period 11-26-2010 – 07-07-2017, with Transaction ID, user names, MAC addresses, Serial Numbers, Account Numbers, Service, Category details, and more. Other databases also have billing addresses, phone numbers etc. for hundreds of thousands of TWC customers.
Read more on MacKeeper Security Center. I was delighted to read this little note in their article: “Kromtech is now developing a free tool that will allow you to check security for public s3 buckets in a better way. ” If that can help reduce the number of exposed buckets and leaks, hooray for Kromtech!!