YX International, the company behind the exposed database, left it accessible without a password, potentially compromising security codes for Facebook, Google, and TikTok accounts.
Two-factor authentication (2FA) via SMS, a widely used security measure, can be less secure compared to app-based authentication. The exposed database contained critical security information like password reset links for major tech companies, underlining potential risks.