"Telemarketing Biz Exposes 114,000 in Cloud Config Error"
Security researchers at vpnMentor found an unsecured AWS S3 bucket on December 24 last year. The bucket was traced to Californian business CallX, whose analytics services are used by clients to improve their media buying and inbound marketing. The AWS S3 bucket leaked the personal details of potentially tens of thousands of consumers. The researchers found 114,000 files left publicly accessible in the leaky bucket. Most of the files were audio recordings of phone conversations between CallX clients and their customers. An additional 2000 transcripts of text chats were also viewable. Personally identifiable information (PII) contained in these files included full names, home addresses, phone numbers, and more. Unfortunately, the bucket remains open. VpnMentor has tried to contact CallX with no response. The research team first reached out to the firm on January 3, 2021, and then to AWS on January 6.
Infosecurity reports: "Telemarketing Biz Exposes 114,000 in Cloud Config Error"