British bulk SMS provider IdentifyMobile exposed 200M records because a developer misconfigured an AWS S3 bucket and made it public. A research group from Germany spotted the issue and were able to access more than six terabytes of data. The said data included not only SMS message content but also phone numbers, sender names, and sometimes other account information.
Twilio also recently disclosed a security incident in relation to this news, but their alert email completely downplayed the level of data that was available from this AWS bucket.
You must log in or # to comment.