All this information was being leaked publicly,exposing both Annatel, and its customers to fraud and attack.
Understanding a breach and its potential impact takes careful attention and time.
We work hard to publish accurate and trustworthy reports, ensuring everybody who reads them understands their seriousness.
Some affected parties deny the facts, disregarding our research, or playing down its impact.
So, we need to be thorough andmake sure everything we find is correct and accurate.
In this case, the Firebase database was labeled with the companys name, Annatel.
Furthermore, every conversation is between Annatel and another party.
The database wasleaking over a thousand chats,without any dates, and mostly in French.
They also claim to be based in either Hong Kong or mainland China.
Under such a context, it wouldnt be surprising that an Egyptian hacker decided to target an Israeli company.
Hossam doesnt explicitly extort or threaten Annatel.
While Hossam claims to have no interest in letting this happen, the intention is clear.
Likewise, its customers could also be targeted in numerous ways.
A dishonest - maybe even illegal - strategy, yes, but an effective one.
Simultaneously, these emails couldembed malware, ransomware, spyware, and similar viruses on a victim’s machine.
Securing a Firebase Database
Firebase is a Realtime Database built on the Google cloud.
To learn about data vulnerabilities in general,read ourcomplete guide to online privacy.
Upon discovering a data breach, our team employs specialized methods to confirm the identity of the database.
We then notify the concerned company about the existing vulnerability.
Our team was able to access this database because it was completely unsecured and unencrypted.
The purpose of this web mapping project is to helpmake the internet safer for all users.
As ethical hackers,were obliged to inform a company when we discover flaws in their online security.
We also never sell, store, or expose any information we encounter during our security research.
Our ethical security research team has discovered and disclosed some of the most impactful data leaks in recent years.
This has included an enormous data leakexposing the data of 10,000s of American restaurant diners.
[Publication date: 16.04.2020]
c’mon, comment on how to improve this article.
