The IT security researchers at vpnMentor have discovered a trove of insecure data hosting on a company based in the United States. Named TrueDialog, the firm provides a range of texting solutions to businesses in the USA and as such had a database containing confidential data of its customers.
The data was identified to be belonging to the firm as their host ID which is “api.truedialog.com” was found on several occasions while observing the data. Hosted on Microsoft Azure & running on Oracle Marketing Cloud; it included millions of text messages, account usernames & passwords, phone numbers of both recipients & users, status indicators of messages sent like “read” and certain other account details.
To further estimate the scale of the data, it is to be noted that the size of it was found to be 604 GB, a substantial number to say the least. However, the exact amount of entries was not stated due to how the search functionality of the database works.
Additionally, “technical logs” were also found revealing the database structure. vpnMentor elaborates on this by stating how “there were hundreds of thousands of entries that documented the communication between different phone numbers linked to TrueDialogs marketing platform, Eloqua by Oracle.”
If this wasn’t enough, error logs we ..