Skip to main content

Latest SMS breach could allow hackers access to your online accounts

how to send a text from your email account
kantver/123RF

More than 26 million text messages may have been breached as a result of an unsecured database operated by telecommunications company Vovox. Cybersecurity researcher Sebastien Kaul discovered that the unsecured database was not even password protected, and information contained within those messages include passwords in plain text, two-factor authentication codes, account security codes, tracking information for package shipments, account reset codes, and even medical appointment reminders. Notably, these messages include communications from banks, medical institutions and hospitals, Yahoo, Google, Microsoft, and Huawei.

When a developer sends a two-factor authentication code or when a user requests a login link via text messages, “it’s firms like Voxox that act as a gateway and converting those codes into text messages, to be passed on to the cell networks for delivery to the user’s phone,” TechCrunch noted of Vovox’s role in maintaining an unsecured database of SMS messages. SMS, which stands for short message service, is another name for text messages sent over a carrier’s network.

Vovox has since pulled the database, and at this time it’s unclear if any information contained within the database had been accessed by a malicious actor. In addition to having information about the recipient’s mobile number, the database potentially offered any hacker near real-time access to password reset links and two-factor authentication codes. This places many accounts at risk. Vovox cofounder and CTO Kevin Hertz told TechCrunch in an email that the company is investigating the breach and that it is also “evaluating impact.”

According to Kaul, the database contained records with detailed information about the message. “Each record was meticulously tagged and detailed, including the recipient’s cell phone number, the message, the Voxox customer who sent the message and the shortcode they used,” TechCrunch said.

Although when used with login credentials, SMS verification offers more protection than a merely using a username and password, more recently security experts have issued warnings about the vulnerability of SMS systems. Primarily, researchers have warned that SMS messages could be intercepted, and this latest breach is a prime example of that. As a result, experts say that utilizing authentication apps or hardware-based USB security keys, like Google’s Titan keys, are safer options when it comes to multi-factor authentication.

Editors' Recommendations

MacGPT: how to use ChatGPT on your Mac
The MacGPT app for macOS Monterey and Ventura.

Apple might not officially be in the AI space, but a developer has created a legitimate way to bring ChatGPT to macOS and make the chatbot accessible from your menu bar.

The aptly named MacGPT is an application developed by Jordi Bruin that allows you to install ChatGPT as a remote browser on your Mac desktop. The application has been available since the 2022 holiday season and has garnered over 370 ratings, many of which are five stars. MacGPT is currently free, however, Bruin accepts donations. Once out of beta, he will make MacGPT available at the App Store, where it will sell for $5.

Read more
Grammarly’s new ChatGPT-like AI generator can do a lot more than proofread your writing
GrammarlyGO's Rewrite for Length feature is shown.

Grammarly, one of the biggest names in writing tools, is adding AI-generated text to its repertoire on the heels of the wild popularity of ChatGPT. Known as GrammarlyGO, this new tool is focused on improving writing rather than replacing the writer.

GrammarlyGO will roll out in beta form to existing users in April. All tiers, including developers, business, education, and premium users, will have access. You can even use GrammarlyGO with a free account.

Read more
Windows 10 Home vs. Pro vs. S mode: What’s the difference?
dell xps 15 2 in 1 review version 1522861390 front display

Windows 10 still holds its own, despite Windows 11 being worth the upgrade. It has many of the same features as its younger sibling, and with some applications, it still performs better. But if you plan to install Windows 10 on a new computer, you'll need to pick from one of the many options of Windows 10 to install.

Should you install Windows 10 Home? Windows 10 Pro? What about S Mode? In this guide to Windows 10, we'll break down the most popular versions and why one or the other might be best for you.
Windows 10 Home vs. Pro vs. S mode features
It can be challenging to work through all the Windows 10 versions to decide which one is right for your needs. All three mainstream versions are on this list and should give you the best choices for general computing or school. 

Read more