SOS Online Backup exposed 135M records via unsecured cloud storage
Cloud backup provider SOS Online Backup has exposed 135 million records online in the latest case of a company failing to secure its cloud storage.
Discovered and reported today by security researchers Noam Rotem and Ran Locar at vpnMentor, the data belonging to SOS Backup Data was exposed to all and sundry in November. The company was first contacted Dec. 10, but with no response, the security researchers tried to contact it again Dec. 17. The database was taken offline Dec. 19.
The database included the full name of users along with email addresses, phone numbers, internal company details and account usernames.
The irony of the data exposure is that SOS Online Backup pitches itself as a secure cloud-based backup provider with award-winning bulletproof backup. “Not all clouds store data in a way that is private. SOS Online Backup DOES!” the company claims on its website.
By exposing customer data, SOS Online Backup puts its clients at risk to a range of attacks and fraud. “This database could have been a goldmine for cybercriminals and malicious hackers, with access to cloud storage highly sought after in the online criminal underworld,” the researchers noted.
The data breach is bad for the company’s reputation but corporate damage aside, the company may be facing more serious legal issues. Now that the data breach is public, SOS Online Backup faces an investigation by California regulators under the California Consumer Privacy Act. And if it has any European customers, it also faces investigation under the European Union General Data Protection Privacy regulation.
SOS Online Backup has yet to comment on the report after SiliconANGLE contacted the company.
According to data from Crunchbase, SOS Online Backup has raised $4 million in venture capital funding. The only listed investor is Splashpond Investors. The company is based in the greater Los Angeles area, meaning that it’s required to be compliant with California law.
Image: SOS Online Backup/YouTube
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.