POST Online Media Lite Edition


African mobile internet users exposed in huge data leak

Christian Fernsby |
Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach in a database belonging to South Africa ICT company, Conor.

Article continues below


The breached database contained daily logs of user activity by customers of ISPs using web filtering software built by Conor. It exposed all internet traffic and activity of these users, along with their PII data.

This included highly sensitive and private activity, including pornography.

Not only did Conor expose users to embarrassment by revealing such browsing activity, but they also compromised the privacy and security of people in many countries.

Based in South Africa, Conor is an information and communications technology (ICT) company that develops software products for clients in Africa and South America.

They create a range of solutions for businesses in numerous industries, including finance, mobile internet, SMEs, and data monetization.

Conor boasts 80 million mobile subscribers to their products, with some high profile clients, including Vodafone and Telkom.

Sometimes, the extent of a data breach and the owner of the data are obvious, and the issue quickly resolved. But rare are these times. Most often, we need days of investigation before we understand what’s at stake or who’s leaking the data.

Understanding a breach and its potential impact takes careful attention and time. We work hard to publish accurate and trustworthy reports, ensuring everybody who reads them understands their seriousness.

Some affected parties deny the facts, disregarding our research or playing down its impact. So, we need to be thorough and make sure everything we find is correct and true.

In this case, our team’s web scanner picked up the database on the 12th of November. It was clear the database contained a huge amount of data from many different sources, in various countries. However, the function of the database wasn’t initially clear, nor its relationship to the different ISPs and Conor.

The database was later reviewed and better understood, along with its connection to a web filter app built by Conor. We then reached out to the company to offer our assistance.

What to read next

Trump's team exposed private data of 198 million U.S. voters online
It take just one week for company to collect almost all data about your activities
No crime in Huawei 5G leak, says Scotland Yard