Although there are constantly appearing products and solutions supposedly “unhackables”, the experts in cyber security consultancy and even the cyber criminals are in charge of showing that they don’t exist. This happened to a provider from the cloud backup services, known as the “most secure of the world”, which have leaked a big amount of information of their clients, just the international day of security backup.
SOS Online Backup, with the headquarters in California, EE.UU., is a cloud backup company with presence in the five continents, According to the reports of the investigators of vpnMentor, the personnel of the company exposed the personal registers from more than 35 million of users.
Specialists in cyber security consultancy discovered more than 70GB of data shielded by the company, in which were details like:
- Complete names
- Usernames
- Emails
- Telephone numbers
- Internal details of company clients
Images from the exposed registers
Source: vpnMentor
Specialists are worried about the position that the company acquired about the incident. Despite the leak of information being detected in November 2019, the company never replied to the alerts sent by the experts of cyber security consultancy; the access to the compromised information wasn’t blocked after the discover either. The experts sent 2 more alerts after December 2019, but they weren’t replied either.
At the end, the database was secured by SOS Online Backup during the last days of 2019. It is unknown if some unauthorized user accessed to the information before that the access got blocked.
Between the unwished scenarios, the worst is that the information ends being sold in some hacking forum hosted in Dark web, said the investigators of the International Institute of Cyber Security (IICS).
About the possible reasons of the incident, is common to think that it has happened due a wrong security setting. Raif Mehmet, specialist in cyber security, foresees that these errors will keep appearing when the companies forget or stop to add the adequate policies of IT security. The configuration errors have been, are, and will keep being the main reasons for these accidents.