Data breach at IT firm Conor leaks millions of records

According to researchers at vpnMentor, namely, a team led by Noam Rotem and Ran Locar, the South African IT firm Conor has experienced a major data breach. Conor is an information and communication technologies (ICT) company that has a staggering 80 million subscribers to their services.

Among these subscribers, there are numerous high-profile clients like Vodafone and Telkom. The breach occurred in a database that is 890GB in size and was not password protected while online.

The researchers at vpnMentor discovered a great deal of sensitive and potentially embarrassing information (in particular pornographic website visits) when parsing through the leaked records in the Conor data breach. This is shown in the excerpt below (all emphasis via bolding is present in the original research post):

The breached database contained daily logs of user activity by customers of ISPs using web filtering software built by Conor. It exposed all internet traffic and activity of these users, along with their PII data… Aside from the websites visited, this allowed our team to view a range of private personal user data every time someone logged onto the system. This included… the index names allowing easy identification of daily activity… MSISDN: a code that identifies a mobile phone user within their provider’s network, via their phone number… IP address, duration of connection or visit to a website, the volume of data (in bytes) transferred per session, full website URL, (and) if a website had been blocked by the filter or not.

vpnMentor researchers believe that Conor’s reputation will be significantly damaged by this data breach. The company does state on its website that it cannot guarantee absolute security, however, for a database to be left open in such a reckless manner Conor’s competency is called into question. The clients, especially the high-profile ones, will likely demand restitution and the company itself is bound to have issues gaining new clients.