SOS Online Backup breach exposes 135 million customer records

This massive breach could have legal ramifications for this industry-leading provider

VpnMentor has discovered a breached database belonging to cloud backup provider SOS Online Backup, said to contain data relating to around 135 million customer records. 

The research team was able to access the breached database because it was left completely unsecured and unencrypted, described as a serious lapse in data security by an industry-leading provider.

Advertisement - Article continues below

The exposed database is said to have amounted to nearly 70GB of metadata relating to user accounts. This breach included structural, reference, descriptive and administrative metadata. The database also contained customers’ personal information, including full names, contact details and usernames.

VpnMentor discovered the breach in November 2019, and its research team analyzed it on December 9th. The team contacted SOS Online Backup the next day, and the company closed the breach in mid-December.

By exposing such a vast amount of metadata and user information, SOS Online Backup has made itself and its customers vulnerable to malicious attacks and fraud. In the report, the research team warned this database "could have been a goldmine for cybercriminals and malicious hackers, with access to cloud storage highly sought after in the online criminal underworld."

There is also the potential SOS Online Backup will face legal action from governments and regulatory bodies in the countries it operates. For instance, California, where the company is based, passed the California Consumer Privacy Act, which may come in to play as this situation develops.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Based in the U.S., SOS Online Backup offers personal and business packages to customers around the world. The company has emphasized it is able to provide customers with 100% data privacy, safety and security across all devices. After a massive data breach like this, such a claim may no longer ring true.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now

Most Popular


The top ten password-cracking techniques used by hackers

5 May 2020

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
cloud computing

Microsoft launches public cloud service for health care

21 May 2020