Two-Factor Authentication Using Your Cellphone is Dangerous – A Leaky Database if SMS Text Messages Exposed Password Resets and Two-Factor Codes

A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more.

The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages. Hundreds of password reset links, account numbers and more exposed.