SOS Online Backup breach exposes 135 million customer records

This massive breach could have legal ramifications for this industry-leading provider

VpnMentor has discovered a breached database belonging to cloud backup provider SOS Online Backup, said to contain data relating to around 135 million customer records. 

The research team was able to access the breached database because it was left completely unsecured and unencrypted, described as a serious lapse in data security by an industry-leading provider.

The exposed database is said to have amounted to nearly 70GB of metadata relating to user accounts. This breach included structural, reference, descriptive and administrative metadata. The database also contained customers’ personal information, including full names, contact details and usernames.

VpnMentor discovered the breach in November 2019, and its research team analyzed it on December 9th. The team contacted SOS Online Backup the next day, and the company closed the breach in mid-December.

By exposing such a vast amount of metadata and user information, SOS Online Backup has made itself and its customers vulnerable to malicious attacks and fraud. In the report, the research team warned this database "could have been a goldmine for cybercriminals and malicious hackers, with access to cloud storage highly sought after in the online criminal underworld."

There is also the potential SOS Online Backup will face legal action from governments and regulatory bodies in the countries it operates. For instance, California, where the company is based, passed the California Consumer Privacy Act, which may come in to play as this situation develops.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Based in the U.S., SOS Online Backup offers personal and business packages to customers around the world. The company has emphasized it is able to provide customers with 100% data privacy, safety and security across all devices. After a massive data breach like this, such a claim may no longer ring true.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Most Popular

Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020