
SMS Database Leak, Including Two-Factor Codes


engine

4:30 pm on Nov 16, 2018 (gmt 0)


According to a researcher, tens of millions of text messages, including password reset links, two-factor codes and shipping notifications, were sitting on an exposed server which wasn't protected by a password.

Worse, the database — running on Amazon’s Elasticsearch — was configured with a Kibana front-end, making the data within easily readable, browsable and searchable for names, cell numbers and the contents of the text messages themselves.

[techcrunch.com...]

The database is now offline, so that's ok, right! ;)

justpassing

5:43 pm on Nov 16, 2018 (gmt 0)


server which wasn't protected by a password

I don't password-protect my servers either ... I just use ssh with a private key and only allow my static IP. I guess they were not doing this either :)

brotherhood of LAN

5:55 pm on Nov 16, 2018 (gmt 0)


There are programs that walk up and down the likes of Amazon's servers/IPs/ports because it seems to be a gravitational centre for these kinds of mistakes.

apt get install ignorance

justpassing

6:00 pm on Nov 16, 2018 (gmt 0)


apt get install ignorance

:)

graeme_p

6:58 pm on Nov 16, 2018 (gmt 0)


@justpassing, a server login was not needed: they had a web UI for the database publicly accessible and not requiring passwords. The article seems a bit confused. Elasticsearch has nothing to do with Amazon (you can run it on AWS, but I think the journo has confused it with AWS products with "Elastic" in the name).
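A defender's self-check for the misconfiguration graeme_p describes (an Elasticsearch HTTP API answering anonymous requests), added here as an example that is not from the thread or from Elastic: check_unauthenticated probes a URL with no credentials and reports whether the cluster root and index listing come back readable instead of a 401/403. The fake node, its cluster name and its index names are constructed for the demo; point check_unauthenticated at your own instance to audit it.

```python
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer
def check_unauthenticated(base_url, timeout=3):
    # Probe root and index listing with no credentials; 'exposed' is True if either is served as JSON.
    result = {"exposed": False, "cluster": None, "indices": []}
    for path in ("/", "/_cat/indices?format=json"):
        try:
            with urllib.request.urlopen(base_url + path, timeout=timeout) as resp:
                body = json.loads(resp.read().decode())
        except urllib.error.HTTPError as err:
            if err.code in (401, 403):  # auth challenge: this path is protected
                continue
            raise
        except (urllib.error.URLError, ValueError):
            continue  # unreachable or not JSON: nothing readable here
        if path == "/" and isinstance(body, dict) and "cluster_name" in body:
            result["exposed"], result["cluster"] = True, body["cluster_name"]
        elif path != "/" and isinstance(body, list):
            result["exposed"] = True
            result["indices"] = [row.get("index") for row in body]
    return result
class _FakeNode(BaseHTTPRequestHandler):
    # Constructed stand-in for an Elasticsearch node (not a real cluster).
    protected = False  # False mimics the thread: nothing in front of the API
    def do_GET(self):
        if self.protected:  # what a reverse proxy or auth plugin would answer
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="es"')
            return self.end_headers()
        if self.path == "/":
            payload = {"cluster_name": "constructed-demo-cluster"}
        else:  # the audit only asks for "/" and the index listing
            payload = [{"index": "sms_messages"}, {"index": "password_resets"}]
        data = json.dumps(payload).encode()
        self.send_response(200)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)
def run_demo(protected=False):
    # Start the fake node on a random localhost port, audit it, return the dict.
    handler = type("Node", (_FakeNode,), {"protected": protected})
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        return check_unauthenticated("http://127.0.0.1:%d" % srv.server_address[1])
    finally:
        srv.shutdown()
```

run_demo() reproduces the exposed case and run_demo(protected=True) the hardened one, where every probe gets a 401 and the audit reports nothing readable.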