![backup code google authenticator backup code google authenticator](https://azurplus.fr/wp-content/uploads/1605527739_977_Comment-utiliser-Google-Authenticator-et-dautres-applications-dauthentification-a-deux.png)
![backup code google authenticator backup code google authenticator](https://mrmad.com.tw/wp-content/uploads/2019/12/google-authenticator-backup-and-transfer-ios-8.jpg)
The database had monthly logs dating back to July 2023 and was growing in size by the minute. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world’s largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. YX International claims to send 5 million SMS text messages daily.īut the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database’s public IP address.Īnurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users’ access to their Facebook, Google and TikTok accounts.