Australia markets close in 1 hour 27 minutes
  • ALL ORDS

    6,374.90
    -8.80 (-0.14%)
     
  • ASX 200

    6,168.20
    -5.60 (-0.09%)
     
  • AUD/USD

    0.7120
    +0.0003 (+0.04%)
     
  • OIL

    40.74
    +0.10 (+0.25%)
     
  • GOLD

    1,908.30
    +3.70 (+0.19%)
     
  • BTC-AUD

    18,236.67
    +2,722.42 (+17.55%)
     
  • CMC Crypto 200

    261.73
    +5.63 (+2.20%)
     
  • AUD/EUR

    0.6031
    +0.0013 (+0.22%)
     
  • AUD/NZD

    1.0676
    +0.0010 (+0.09%)
     
  • NZX 50

    12,430.07
    +22.78 (+0.18%)
     
  • NASDAQ

    11,662.91
    -2.45 (-0.02%)
     
  • FTSE

    5,785.65
    +9.15 (+0.16%)
     
  • Dow Jones

    28,363.66
    +152.84 (+0.54%)
     
  • DAX

    12,543.06
    -14.58 (-0.12%)
     
  • Hang Seng

    24,932.45
    +146.32 (+0.59%)
     
  • NIKKEI 225

    23,523.95
    +49.68 (+0.21%)
     

Cloud leak exposed sensitive data from over 200,000 voicemails

Jon Fingas
·Associate Editor
·1-min read

Some data leaks contain more sensitive info than most. Security researcher Bob Diachenko and Comparitech discovered (via Threatpost) that Broadvoice, a cloud VoIP provider for businesses, left over 350 million records exposed online in an unprotected cluster, including 2 million voicemail records with 200,000 transcripts. Many of those transcripts included sensitive data, and not just common elements like names and phone numbers — medical conditions, mortgages and insurance policies were all left open.

The largest general data collection, 275 million records, typically included full names, phone numbers, and cities.

The company told Comparitech that the data had been stored on September 28th and was locked down October 2nd, a day after Diachenko notified Broadvoice. There hasn’t been evidence of “misuse” so far, the company said. Marketing VP Rebecca Rosen told Threatpost that it believed “less than 10,000” businesses were impacted, although that doesn’t say how many of those companies’ customers were at risk.

The practical damage appears to have been limited as a result. Even so, this illustrates the dangers of insecure data. The wrong decision can expose vast amounts of info, and it can only take a subset of that data to create serious problems.