Saudi Caller ID App Dalil Left 5 Million Customer Records Exposed In Unsecured MongoDB

Another mobile app joins the trail of data leakage due to an unprotected server. Despite repeated incidences of data breaches and accidental exposures, it seems the service providers still pay no heed to cybersecurity. This time, a Saudi caller ID app Dalil faces the limelight. It allegedly left 5 million records exposed in unsecured MongoDB server.

Caller ID App Dalil Exposed 5M Records

Researchers found an unsecured MongoDB server that publicly exposed millions of records. As reported by ZDNet, the unsecured server linked back to a Saudi caller ID App Dalil. The exposed records included explicit personal data and activity logs of Dalil app users.

Allegedly, two researchers, Noam Rotem and Ran Locar found a MongoDB database without a password. Thus, the server left more than 5 million records vulnerable. What’s more terrible was that the app continued to log new data in the same open MongoDB without paying attention to its security. As revealed by Ran Locar in his tweet,

The exposed data allegedly included phone numbers, users registration details, users’ device details, call logs for individuals, telecom operator information, and GPS coordinates. The leaked data could even let a threat actor locate a user’s country of origin and country of the network.

Most of the customers affected in this incident belong to Saudi Arabia. However, the data leaked also included details of Emirati, Egyptian, European customers as well. Some numbers also had Israeli/Palestinian origin.

Vulnerable Database Now Closed

According to Ran Locar, they informed Dalil about the data exposure on February 26, 2019. Even at that time, he found that “at least one” threat actor already accessed their data.

“After we reported the issue to Dalil, we noticed a ransomware encrypted some data on the server, but new data kept being logged unencrypted.”

However, the service providers didn’t respond. Nor did they remove the database.

Nonetheless, after the public disclosure of the news, Locar confirmed in one of his tweets that the Dalil has now closed the database.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil