CenturyLink Data Exposed to Public [telecom]

by Anna Mulamba

Someone forgot to close the figurative "door." A third-party vendor affiliated with CenturyLink misconfigured a MongoDB database leaving it open and accessible to the public for about 10 months.

CenturyLink, a Fortune 500 technology company, was alerted by a security research firm that approximately 2.8 million records were left unprotected and vulnerable to potential misuse. Included in the affected database were API logs containing multiple pieces of personally identifiable information (PII), including names, email addresses, phone numbers, and addresses, along with account-specific information.

formatting link

Reply to
Bill Horne
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.