IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
Doctor on the phone leaving voicemail
Posted on October 21, 2020 by in Breach Response, Business, Data Breach & Technology, Identity & Privacy, Personal, Safeguarding Customers

Unsecured Database Leaks Personal Records and Voicemails

On October 1, 2020, security researchers at Comparitech discovered an unsecured database belonging to Broadvoice, a cloud-based communication company, that contained more than 350 million customer records, including voice message transcripts. The exposed Elasticsearch database enclosed personal details such as caller names, caller identification number, phone number, and location along with voicemail transcripts. A separate collection held over two million voicemail records, 200,000 of which included transcripts from various organizations that use the cloud voicemail system such as medical clinics, insurance companies, and financial institutions disclosing medical information, mortgages, and loans information, and insurance policy numbers.

The Danger Lurks in Phishing, Vishing, and Smishing

Robocalls made with a familiar phone number or texts asking you to confirm an appointment may sound more convincing when the crook on the phone has more details than ever about your day to day life. Scammers are prepared to deploy bulk vishing and smishing messages to capture victims’ Personally Identifiable Information (PII) as soon as the opportunity arises through easy access to unsecured databases. Data leaks like this help facilitate fraudulent activities once it makes its way to cybercriminals through the Dark Web. Fueled with extra details from previous data breaches, fraudsters are able to manipulate their messaging and get you to share sensitive information that may result in loss of money, credit card fraud, medical identity theft, and identity fraud. Just because emails may not have been exposed in this particular security incident does not leave victims any safer from phishing scams. With the number of personal records and databases hackers have access to, it’s as easy as a phone number search.

Resources to Safeguard Your Personal Information

If you think you have been victimized by caller ID spoofing or any other type of scam, please get in touch with us. We can help you take the steps to protect what matters most.