Back in November a company called Voxox exposed an SMS database with millions of text messages. Now it’s revealed a company called Voipo did the same thing (via TechCrunch).
Voipo, a communications provider out of Lake Forest, California, exposed tens of gigabytes of customer data. Security researcher Justin Paine discovered the database last week, and reached out to inform the company’s CTO.
But before Mr. Paine told them where to look, the database had been taken offline, suggesting the company was aware of the problem. It’s a huge database containing 7 million call logs, 6 million text messages, and internal documents with passwords store in plain text.
VOIPO indicated this was a development server that had accidentally been left publicly accessible. However, they also confirmed in their reply to me that the database also contained “valid data” — i.e. real production data. They did not specify which data was allegedly development data and which was production data though.Justin Paine
Voipo CEO Timothy Dick said the company found no evidence in logs or on its network that a data breach happened.