https://www.infosecurity-magazine.com/news/telemarketing-biz-exposes-114000/
Exploit: Unsecured Server
CallX: Telemarketing Firm
Risk to Business: 1.727 = Severe An unsecured AWS S3 bucket has been leaking information gathered by CallX, whose analytics services are utilized by a wide array of companies including LendingTree, Liberty Mutual Insurance and Vivint to improve their media buying and inbound marketing. Discovered by researchers, 114,000 files were left publicly accessibly in the leaky bucket. Most of these were audio recordings of phone conversations between CallX clients and their customers, which were being tracked by the firm’s marketing software. An additional 2000 transcripts of text chats were also viewable.
Individual Impact: 1.447 = Extreme Personally identifiable information (PII) contained in these files included full names, home addresses, phone numbers and call details. The leaked data can be used to launch spear phishing attacks and other fraud.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Information like this makes its way quickly to the bustling data markets and dumps on the dark web, seeding future trouble.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
