Broadvoice Data Leak Exposes 350 Million Personal Records

Broadvoice Data Breach

Unsecured Database Leaks Personal Records and Voicemails

On October 1, 2020, security researchers at Comparitech discovered an unsecured database belonging to Broadvoice, a cloud-based communication company, that contained more than 350 million customer records, including voice message transcripts. The exposed Elasticsearch database enclosed personal details such as caller names, caller identification number, phone number, and location along with voicemail transcripts. A separate collection held over two million voicemail records, 200,000 of which included transcripts from various organizations that use the cloud voicemail system such as medical clinics, insurance companies, and financial institutions disclosing medical information, mortgages, and loans information, and insurance policy numbers.

The Danger Lurks in Phishing, Vishing, and Smishing

Robocalls made with a familiar phone number or texts asking you to confirm an appointment may sound more convincing when the crook on the phone has more details than ever about your day to day life. Scammers are prepared to deploy bulk vishing and smishing messages to capture victims’ Personally Identifiable Information (PII) as soon as the opportunity arises through easy access to unsecured databases. Data leaks like this help facilitate fraudulent activities once it makes its way to cybercriminals through the Dark Web. Fueled with extra details from previous data breaches, fraudsters are able to manipulate their messaging and get you to share sensitive information that may result in loss of money, credit card fraudmedical identity theft, and identity fraud. Just because emails may not have been exposed in this particular security incident does not leave victims any safer from phishing scams. With the number of personal records and databases hackers have access to, it’s as easy as a phone number search.

Resources to Safeguard Your Personal Information

Continue following Fighting Identity Crimes to get the latest breach and scam updates, ID protection news & tips from our industry experts!

Follow us on social!
Facebook | Twitter | LinkedIn 


The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

Eugene is the Director, Technology and Security of Sontiq, the parent company of the EZShield and IdentityForce brands. He oversees the architecture of the...
Read more about Eugene Bekker.

Leave a Comment.