Airtel Confirms Mobile App Flaw Exposed User Data Of Millions

  • Thread starter Thread starter socrates
  • Start date Start date
  • Replies Replies 3
  • Views Views 950
A Bengaluru-based researcher, who first noticed the fault, said the flaw existed in one of Airtel's API that allowed people to fetch sensitive user information of any Airtel subscriber - Security Flaw in Airtel - Ehraz Ahmed

In yet another massive data breach incident, data of over 32 crore subscribers of telecom major Bharti Airtel were exposed and became vulnerable due to a serious security flaw in its mobile application.

Ehraz Ahmed, a Bengaluru-based researcher, who first noticed the fault, said in his blog written that the flaw existed in one of Airtel's API (Application Program Interface) that allowed people to fetch sensitive user information of any Airtel subscriber.

According to reports, Airtel confirmed the breach saying that it has fixed the security flaw associated with its application.

Ahmed also posted a video, which shows a script being used to fetch the information from the Airtel mobile app's API.

"It revealed information like First and Last Name, Gender, Email, Date of Birth, Address, Subscription Information, Device Capability information for 4G, 3G & GPRS, Network Information, Activation Date, User Type [Prepaid/Postpaid] And Current IMEI number," he wrote in his blog.

The IMEI number can be used to identify the device of an user.

According to the blog, every user on Airtel network was at the risk of getting his/her information leaked through this vulnerability.
Click to expand...

www.livemint.com

Airtel's mobile app flaw exposes data of 32 crore subscribers

A Bengaluru-based researcher Ehraz Ahmed, who 1st noticed the fault, said the flaw existed in one of Airtel's API that allowed people to fetch sensitive user information of any Airtel subscriber
www.livemint.com www.livemint.com
www.hindustantimes.com

Airtel’s mobile app hit with security flaw which left millions of user data exposed

Airtel’s mobile app was hit with a security bug which exposed sensitive information of all its users. The security flaw has since been fixed.
www.hindustantimes.com www.hindustantimes.com
 
Major data breach. It could lead to lots of phishing calls. But, in a country where government can't control data breach of its own data, no one cares of this. We need major change in policies.
 
liverpool79 said:
www.livemint.com

Airtel's mobile app flaw exposes data of 32 crore subscribers

A Bengaluru-based researcher Ehraz Ahmed, who 1st noticed the fault, said the flaw existed in one of Airtel's API that allowed people to fetch sensitive user information of any Airtel subscriber
www.livemint.com www.livemint.com
www.hindustantimes.com

Airtel’s mobile app hit with security flaw which left millions of user data exposed

Airtel’s mobile app was hit with a security bug which exposed sensitive information of all its users. The security flaw has since been fixed.
www.hindustantimes.com www.hindustantimes.com
Click to expand...

This was posted yesterday Airtel Confirms Mobile App Flaw Exposed User Data Of Millions | Airtel 3G 4G LTE
 

Top