Analysts at Fidus Information Security, a UK penetration testing company, have discovered an unprotected Amazon Web Services (AWS) bucket, media reported. The exposed bucket contains more than 260,000 documents belonging to mobile customers from most large carriers, including AT&T, Verizon and T-Mobile.
The vast majority of the files are mobile phone bills dating back to 2015, which reveal the names, addresses, phone numbers and call logs of subscribers. Other sensitive files were found on the vulnerable server, including at least one bank statement and screenshots of pages containing the user name, password and account PIN of the subscriber.
Fidus did not immediately identify the owner of the public server, so AWS was notified of the leak. The bucket is currently closed.
TechCrunch was able to briefly browse some of these documents and found that one of them was marked “TEST”. Running the file through a metadata checker displayed the name of a Deardorff Communications account manager. Deardorff is a marketing organization that handles Sprint promotions.
These documents may be used as proof of existing coverage so that Sprint can reimburse the cancellation fee for the subscriber. Almost all telecommunications companies do this to attract customers from one another.
Jeff Deardorff, the marketing company’s chief executive, confirmed that his company owns the AWS bucket and said they restricted access to the bucket on Wednesday after receiving the notice.
Deardorff told TechCrunch: “I have conducted an internal investigation to determine the root cause of this issue and we are reviewing our policies and procedures to ensure that this does not happen again.”
There was no comment from AT&T and T-Mobile. A Verizon spokesman said the telecoms provider was “currently reviewing” the situation and would provide more details later. A Sprint spokesman said: “It has been ensured that the (Sprint) error has been corrected.”