SOS Online Backup exposed 135M records via unsecured cloud storage
Cloud backup provider SOS Online Backup has exposed 135 million records online in the latest case of a company failing to secure its cloud storage.
Discovered and reported today by security researchers Noam Rotem and Ran Locar at vpnMentor, the data belonging to SOS Backup Data was exposed to all and sundry in November. The company was first contacted Dec. 10, but with no response, the security researchers tried to contact it again Dec. 17. The database was taken offline Dec. 19.
The database included the full name of users along with email addresses, phone numbers, internal company details and account usernames.
The irony of the data exposure is that SOS Online Backup pitches itself as a secure cloud-based backup provider with award-winning bulletproof backup. “Not all clouds store data in a way that is private. SOS Online Backup DOES!” the company claims on its website.
By exposing customer data, SOS Online Backup puts its clients at risk to a range of attacks and fraud. “This database could have been a goldmine for cybercriminals and malicious hackers, with access to cloud storage highly sought after in the online criminal underworld,” the researchers noted.
The data breach is bad for the company’s reputation but corporate damage aside, the company may be facing more serious legal issues. Now that the data breach is public, SOS Online Backup faces an investigation by California regulators under the California Consumer Privacy Act. And if it has any European customers, it also faces investigation under the European Union General Data Protection Privacy regulation.
SOS Online Backup has yet to comment on the report after SiliconANGLE contacted the company.
According to data from Crunchbase, SOS Online Backup has raised $4 million in venture capital funding. The only listed investor is Splashpond Investors. The company is based in the greater Los Angeles area, meaning that it’s required to be compliant with California law.
Image: SOS Online Backup/YouTube
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We are holding our third cloud startup showcase on Sept. 22. Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.