A major chat log database belonging to popular messaging app JusTalk was left unprotected on the web for months, accessible to anyone who knew where to look. Cybersecurity researcher Anurag Sen uncovered the database, which did not have a password, storing unencrypted data including plenty of personally identifiable information, useful for cybercriminals looking to engage in identity theft (opens in new tab), social engineering, or other forms of cybercrime. The data included the messages themselves, user phone numbers (both sender and receiver), call logs, all sorted out just enough to be able to identify specific people and specific conversations.
…
Read more