Call logs are printed on every billing statement by default. I believe it may even include SMS messages in some cases.
This data has likely proliferated widely throughout the company, subsidiaries and contractors, to reside on an unknowable number of systems. I would assume call record metadata is fully compromised at this point.
That’s not to take away from the finding in the blog – I’m merely commenting on the question in its conclusion, about the implications of a barely know technology vendor controlling the vulnerable server holding this data.
This data has likely proliferated widely throughout the company, subsidiaries and contractors, to reside on an unknowable number of systems. I would assume call record metadata is fully compromised at this point.
That’s not to take away from the finding in the blog – I’m merely commenting on the question in its conclusion, about the implications of a barely know technology vendor controlling the vulnerable server holding this data.