Private browsing history of South African mobile users exposed in massive data breach

Jopie Fourie

Expert Member
Joined
Aug 30, 2019
Messages
2,251
I just browsed quickly over this database. Scary to see how many MyBB members are on there using the same usernames and even more scary, the same passwords.... and these are members 15 years on this forum!
 

LazyLion

King of de Jungle
Joined
Mar 17, 2005
Messages
102,936
Oh crap... The My Little Pony stuff was for my daughter, guys.
 

greg0205

Honorary Master
Joined
Apr 18, 2010
Messages
16,557
I just browsed quickly over this database. Scary to see how many MyBB members are on there using the same usernames and even more scary, the same passwords.... and these are members 15 years on this forum!
How exactly are you accessing the database?
 

Daruk

Honorary Master
Joined
Jul 18, 2008
Messages
45,591
"Additionally, the breached database exposed how Conor’s web filter app worked and its rules for blocking content."

1) your ISP spies on you
2) your ISP records all your traffic
3) your ISP decides what is appropriate and what is not and blocks what they deem to be inappropriate
4) any employees of these organisations have access to your personal browsing habits.

As for those who think SAG blocking porn is an issue...
 

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
34,207
So...

Vodacom confirmed that Conor Solutions (Adapt IT) is one of its suppliers.

“We were made aware this week of the vulnerability, which was disclosed to Conor Solutions, and which we understand has since been closed,” Vodacom told MyBroadband.

“Vodacom does not use the Conor Solutions service where the vulnerability was identified, but continues to monitor the situation.”

...

Telkom told MyBroadband that it is a customer of Adapt IT and Conor Solutions.

“Telkom can confirm that it is a customer of AdaptIT which provides support for software products developed by Conor Solutions,” the mobile network told MyBroadband.

“These products are deployed and operated entirely within Telkom’s own networks in support of Telkom products and services.”

Telkom said that it does not make use of Conor Solutions’ web filtering service.

...

AdaptIT, the company which acquired Conor Solutions last year, said that it was made aware of the data breach on 10 December, when we first contacted it for comment.

---

Shabalala said that Conor Solutions closed the vulnerability as soon as it was made aware of the exposed data, adding that the service had been discontinued.

---

This portal is completely separate from any databases or applications where personal data may be processed through any of our other applications.”

---

“Adapt IT has contacted the affected customers directly and no further action is required from our customers. As the portal had been terminated before Adapt IT became aware of the possible access, no further preventative measures are required.”
In Europe, these companies would have a whole other tune because they would have been held responsible and accountable.

As per VPNMentor,

How and Why We Discovered the Breach
The vpnMentor research team discovered the breach in Conor’s databases as part of a huge web mapping project. Our researchers use port scanning to examine particular IP blocks and test open holes in systems for weaknesses. They examine each hole for data being leaked.

When they find a data breach, they use expert techniques to verify the database’s identity. We then alert the company to the breach. If possible, we will also alert those affected by the breach.

Our team was able to access this database because it was completely unsecured and unencrypted.

Conor was using an Elasticsearch database, which is ordinarily not designed for URL use. However, we were able to access it via browser and manipulate the URL search criteria into exposing the database schemata.

...

For Conor’s Clients

We recommend reassessing or auditing your in-house data security and privacy protocols. You should also thoroughly vet any 3rd party applications you adopt or contractors you hire to ensure they’re following up-to-date data security best practices.

In the meantime, contact Conor directly to find out how they have resolved this data leak and what steps they’re taking to ensure something like this doesn’t happen again.
Guess what? The portal has been terminated or discontinued so the issue is resolved. No, it isn't, the data may already be out in the wild.

No accountability. I like how they closed the vulnerability, but the database isn't vulnerable through the portal which was terminated in any case. How does the portal call on these databases and applications?

Vodacom and Telkom, do your subscriber terms allow this?
 

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
34,207
I just browsed quickly over this database. Scary to see how many MyBB members are on there using the same usernames and even more scary, the same passwords.... and these are members 15 years on this forum!
So you skim through your own exposed user accounts? Shame :X3:
 

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
34,207
He seems to be a bit "House-ee" - Maybe I am wrong.
He implied that he has access to private data. Vodacom, Telkom and Adapt IT, including other associated parties, should be asking questions.

Whether he has access or not, it isn't an intelligent post to make.
 