Millions Of Google, TikTok, Facebook 2FA Security Codes Leak Online

A technology company that processes millions of SMS text messages worldwide has resolved an issue with an exposed database that potentially leaked one-time security codes used to access Facebook, Google, and TikTok accounts.

YX International, an Asian technology and internet company, specializes in cellular networking equipment and SMS text message routing services. SMS routing is crucial for delivering time-sensitive text messages across various regional cell networks and providers, such as SMS security codes or login links for online services.

Millions Of Google, TikTok, Facebook 2FA Security Codes Leak Online

The company claims to send 5 million SMS text messages daily but recently left an internal database exposed without a password. Users with knowledge of the database’s public IP address could access this exposed database through a web browser.

Anurag Sen, a security researcher, discovered the exposed database and shared the details with TechCrunch to help identify the owner and report the security lapse. The database contained text messages sent to users, including one-time passcodes and password reset links for major tech and online companies like Facebook, WhatsApp, Google, and TikTok.

The database had monthly logs dating back to July 2023 and was continuously growing in size. Two-factor authentication (2FA) codes sent over SMS are not as secure as app-based code generators since SMS messages are prone to interception or exposure.

In addition to the text messages, the research also found internal email addresses and corresponding passwords associated with YX International. After receiving the alert, YX International quickly secured the database. However, the company did not disclose how long the database was exposed or if anyone other than Sen accessed it.

Companies must implement robust security measures to protect sensitive data and prevent unauthorized access.

See Also: Zeppelin Ransomware Source Code Sold for $500 on Hacking Forum

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!

Onsa Mustafa

Onsa is a Software Engineer and a tech blogger who focuses on providing the latest information regarding the innovations happening in the IT world. She likes reading, photography, travelling and exploring nature.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
>