In a recent cybersecurity incident, a US telemarketing firm leaked sensitive data of tens of thousands of customers after a cloud storage bucket was misconfigured. VpnMentor team's Noem Rotem identified the exposed AWS S3 bucket last year on 24 December. The finding was traced back to CallX, a Californian business whose clients use its analytics service to strengthen their inbound marketing and media buying. As per the website, the company counts lending marketplace LendingTree, security provider Vivint and Liberty Mutual Insurance among its customers.
Rotem discovered around 114,000 files that were left openly accessible in the leaky bucket. Most of the files were audio recordings of calls between customers and CallX clients, which were traced through the company's software. Besides this, 2000 text transcripts of conversations were also accessible. The PII (personally identifiable information) in the files includes user names, contact numbers, residential addresses, and much more.
"If cybercriminals needed additional information, they could hijack calls logged by CallX and do fake ‘follow up’ phone calls or emails posing as a representative of the relevant CallX client company. Using the transcripts, it would be easy to establish trust and legitimacy with targets in such schemes," reports VpnMentor. As the people exposed have no apparent relationship to one another, by the time the fraud is discovered, it may be too late, it says. VpnMentor warned that hackers could launch phishing attacks using the leaked data. CallX can also come under regulatory scrutiny, as it falls within the purview of the new CCPA (Californian privacy law). Sadly, the bucket is still open to date.
VpnMentor's research team reported, "our team discovered CallX’s S3 bucket and was able ..