{
	"id": "6d9655b5-423a-4a5f-884b-fb1dd788bbf5",
	"created_at": "2026-04-06T00:19:16.394045Z",
	"updated_at": "2026-04-10T03:21:21.844593Z",
	"deleted_at": null,
	"sha1_hash": "824ef10fc4a69691301928f5a29bdb4b9d44e266",
	"title": "Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 68120,
	"plain_text": "Broadvoice Leak Exposes 350M Records, Personal Voicemail\r\nTranscripts\r\nBy Tara Seals\r\nPublished: 2020-10-15 · Archived: 2026-04-05 23:00:32 UTC\r\nCompanies that use Broadvoice’s cloud-based VoIP platform may find their patients, customers, suppliers and\r\npartners to be impacted by a massive data exposure.\r\nUPDATE\r\nBroadvoice, a well-known VoIP provider that serves small- and medium-sized businesses, has leaked more than\r\n350 million customer records related to the company’s “b-hive” cloud-based communications suite.\r\nThe data includes hundreds of thousands of voicemail transcripts, many involving sensitive information such as\r\ndetails about medical prescriptions and financial loans.\r\nBroadvoice provides one of the more popular business platforms for communications, which includes voice,\r\ncontact-center technology, remote-workforce help, Salesforce.com integration, unified communications, SIP\r\ntrunking and more. Much of this is offered via b-hive, which it hosts on behalf of customers such as doctors’\r\noffices, law firms, retail stores, community organizations and more.\r\nBecause its technology underpins these customers’ basic interactions with patients, clients, partners, suppliers and\r\nothers, plenty of personal data flows through Broadvoice’s cloud-based systems. And that data is apparently\r\nretained by the company, so that its business clients can access it if needed, for analytics and call-center quality\r\ncontrol, among other things.\r\nUnfortunately, according to researchers at Comparitech, Broadvoice left an Elasticsearch database cluster\r\ncontaining such information open to the internet, accessible to anyone, with no authentication required. The cache\r\nof data included records with personal details of Broadvoice clients’ customers, they noted.\r\nThe misconfigured cluster included 10 separate collections of data, related to b-hive.\r\nThe largest collection (275 million records) included full caller name, caller ID, phone number, and city and state.\r\nMeanwhile, a collection entitled “people-production” contained account ID numbers for Broadvoice’s own\r\ncustomers, which allowed researchers to cross-reference entries with records in other collections.\r\nBut the most concerning one held 2 million voicemail records, with more than 200,000 transcripts.\r\nhttps://threatpost.com/broadvoice-leaks-350m-records-voicemail-transcripts/160158/\r\nPage 1 of 3\n\n“Many of the transcripts included select personal details such as full name, phone number and date of birth, as\r\nwell as some sensitive information,” according to a Comparitech posting on Thursday. “For example, some\r\ntranscripts of voicemails left at medical clinics included names of prescriptions or details about medical\r\nprocedures. In one transcript, the caller identified themselves by their full name and discussed a positive COVID-19 diagnosis.”\r\nResearchers added, “Other voicemails left for financial-service companies included details about mortgages and\r\nother loans, while there was at least one instance of an insurance-policy number being disclosed.”\r\nMost of these records also contained a full name, business name or a generic name such as “wireless caller”;\r\nphone number; a name or identifier for the voice mailbox (such as “appointments”); and internal identifiers,\r\naccording to Comparitech.\r\nWhen reached for comment about Broadvoice’s data-retention policies, and whether its business customers will be\r\nissuing data-breach notifications to their own affected customers, Rebecca Rosen, vice president of marketing,\r\ntold Threatpost that the number of impacted businesses is likely less than 10,000.\r\n“To provide some perspective, we believe that the researcher accessed a sub-set of data that potentially impacted\r\nless than 10,000 customers,” she said. “Our investigation is otherwise ongoing, and we are not otherwise\r\ncommenting or speculating other than what we have posted online.”\r\nAside from the privacy implications, the data paves the way for convincing fraud attempts, researchers noted.\r\n“The leaked database represents a wealth of information that could help facilitate targeted phishing attacks,”\r\naccording to Comparitech. “In the hands of fraudsters, it would offer a ripe opportunity to dupe Broadvoice clients\r\nand their customers out of additional information and possibly into handing over money. For example, criminals\r\ncould pose as Broadvoice or one of its clients to convince customers to provide things like account login\r\ncredentials or financial information.”\r\nMeanwhile, “information about things like medical prescriptions and loan enquiries could be used to make\r\nmessages extremely convincing and persuasive.”\r\nThe collections were discovered by researcher Bob Diachenko on Oct. 1, and were secured the same day,\r\naccording to Broadvoice. The cluster had been uploaded on Sept. 28, meaning it was exposed for about four days.\r\n“Broadvoice takes data privacy and security seriously,” Broadvoice CEO Jim Murphy said in a statement. He\r\nadded, “At this point, we have no reason to believe that there has been any misuse of the data. We are currently\r\nhttps://threatpost.com/broadvoice-leaks-350m-records-voicemail-transcripts/160158/\r\nPage 2 of 3\n\nengaging a third-party forensics firm to analyze this data and will provide more information and updates to our\r\ncustomers and partners. We cannot speculate further about this issue at this time.”\r\nHe also said that Broadvoice is working with Diachenko to ensure that the retained data is destroyed.\r\nThis story was updated at 1 p.m. ET on Oct. 15 to include a statement from Broadvoice’s vice president of\r\nmarketing.\r\nSource: https://threatpost.com/broadvoice-leaks-350m-records-voicemail-transcripts/160158/\r\nhttps://threatpost.com/broadvoice-leaks-350m-records-voicemail-transcripts/160158/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://threatpost.com/broadvoice-leaks-350m-records-voicemail-transcripts/160158/"
	],
	"report_names": [
		"160158"
	],
	"threat_actors": [],
	"ts_created_at": 1775434756,
	"ts_updated_at": 1775791281,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/824ef10fc4a69691301928f5a29bdb4b9d44e266.pdf",
		"text": "https://archive.orkl.eu/824ef10fc4a69691301928f5a29bdb4b9d44e266.txt",
		"img": "https://archive.orkl.eu/824ef10fc4a69691301928f5a29bdb4b9d44e266.jpg"
	}
}