The Economic Times
12,248.2567.9
Stock Analysis, IPO, Mutual Funds, Bonds & More

Security flaw in Airtel app exposes customers data, fixed now

"It revealed information like first and last name, gender, email, date of birth, address, subscription information, device capability information for 4G, 3G & GPRS, network information, activation date, user type (prepaid or postpaid) And current IMEI number," cyber security researcher Ehraz Ahmed said in his blog.

PTI|
Updated: Dec 08, 2019, 06.57 AM IST
0Comments
Agencies
1
When contacted Bharti Airtel spokesperson acknowledged the flaw and said that it has been fixed as soon as the company was alerted about it.
NEW DELHI: An independent cyber security researcher found technical flaws in an application of Bharti Airtel that exposed "sensitive user information" which the company claims to have fixed now. According to the cyber security researcher Ehraz Ahmed the flaw existed in one of the Airtel app that allows "to fetch sensitive user information of any Airtel subscriber."

"It revealed information like first and last name, gender, email, date of birth, address, subscription information, device capability information for 4G, 3G & GPRS, network information, activation date, user type (prepaid or postpaid) And current IMEI number," Ahmed said in his blog.

The IMEI number is a unique number that can be used to identify the device of the user.

"Every user that is on India's Airtel network was at risk of getting his information leaked through this vulnerability, and risking over 325.5 million subscribers in India," Ahmed said.

When contacted Bharti Airtel spokesperson acknowledged the flaw and said that it has been fixed as soon as the company was alerted about it.

"There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice. Airtel's digital platforms are highly secure. Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms," Airtel spokesperson said.

Also Read

Vodafone identified Huawei security flaw decade ago

Private Instagram posts aren't always private; security flaw makes it easy for anyone to view them

Apple admits major security flaw in Mac OS, apologises

Microsoft finds a remote security flaw in Chrome, Google fixes it

Comments
Add Your Comments
Commenting feature is disabled in your country/region.

Other useful Links


Copyright © 2020 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service