On December 19, a member with the nickname seasalt123 on the Raidforums forum posted a user database allegedly belonging to the website Breport.vn, a site created to help users report bugs about Bphone. The database includes email addresses, names, and phone numbers of over 200 users. Due to the small number of users, this data was shared for free by the aforementioned member.
After the above post attracted attention yesterday (December 21), BKAV immediately suspended the Breport website. On the same day, BKAV issued an official statement regarding the incident. BKAV stated that the fault lay with the “configuration of the Amazon cloud system” and that the development team used a portion of real customer data during testing.
“This testing system is being deployed independently on a server in a cloud infrastructure provided by Amazon, serving as an environment for the development team to test the service. The testing process used a portion of real data, and there was a configuration error in the system, leading to the aforementioned leak. This incident does not affect the official services, which are implemented on BKAV’s internal infrastructure,” the BKAV statement reads.
Recently, member seasalt123 responded to BKAV’s statement, claiming that BKAV had provided many false information to blame others for its own issues.
“BKAV responds to this leak with their familiar tactic: blaming others and claiming they did nothing wrong. So here is my answer.
BKAV advertises their website as the official customer support channel, treating it as a feature to sell more products. It is not in a “testing” state, and if I wait another 6 months, with the number of vulnerabilities in their products, I could have enough customers to sell data and make money, rather than posting it for free.
My data did not come from improper AWS (Amazon Web Services) configuration, and during the data extraction process, I did not interact with AWS at all. All issues stem from BKAV’s code, or as they say, “Core technology”. To “rub salt” in the wound, the open-source platform that BKAV uses is completely safe, but the additions they made expose all the data.
After this incident, I hope they will sincerely apologize to customers instead of blaming others.”
This is not the first time a hacker attacking BKAV has had to speak out to correct what is claimed to be false information provided by BKAV. In August, “chunxong”, who publicly sold multiple internal information of BKAV, was identified by BKAV as “a former employee who had left” and had malicious intent when stealing the company’s information. Chunxong later asserted that he was not a BKAV employee and was living abroad.