An unprotected database belonging to Californian voice over IP services provider VOIPO was left publicly available. Justin Pane, Director of Trust & Safety, Cloudfare found the unsecured database on January 8, 2019, via Shodan search engine. The database which was used for development purposes had been accidentally left online.
What was exposed?
The exposed database contained millions of VOIP call logs, SMS/MMS records, and internal system credentials including hostnames, usernames, passwords, and API keys.
However, Pane noted that the VOIP call logs were partially discarded before being loaded into the database, therefore, using this information for malicious activities would be difficult. Pane further stated that he did not see any Two-factor authentication values logged with the SMS/MMS records, however, there are possibilities for this data to have been leaked
What was the immediate action taken by VOIPO?
Pane reported VOIPO about the leaky database. Upon learning about the incident on January 8, 2019, the company immediately took the system offline within a few hours in order to secure the database.
The company confirmed that valid data has been contained in the database and said that the database was used for development purposes and had been inadvertently left online.
“The exposure of internal information, however, is more serious. This could have resulted in a complete compromise of any system which used the leaked credentials, giving attackers access to sensitive company information,” ZDNet noted.