Major SMS security lapse is a reminder to use authenticator apps instead


Technology / TheVerge 87 Views 0

A recent data breach has exposed a database of around 26 million text messages containing private customer information, reports TechCrunch. In addition to the privacy concerns, the breach also highlights the dangers of relying on SMS messages for receiving two-factor authentication codes or account reset links, which sees sensitive information sent over an unencrypted communications platform.

The breach was brought to light by a Berlin-based security researcher named S├ębastien Kaul, who discovered that the Voxox-managed database was discoverable, unprotected, and easily searchable for both names and telephone numbers. Since the server was still active after the breach was discovered, anyone could have monitored a near-real-time data...

Continue reading…