SBI forgot to set password for user information, data leaked
The data leak case of India's largest bank State Bank of India has emerged. According to a report by American Tech Website TechCrunch, the bank's server was without the password. For this reason information of millions of customers can be accessed. This bank's server is in the Mumbai based data center.
This data center has 2 months of data stored in SBI Quick. SBI Quick is a system whereby the basic information pertaining to account holders to the account holder and the basic information related to the account is given. Due to not being secure, it has been easy to access.
According to reports, it is unclear how long this server is open and unprotected. A security researcher found the server open and TechCrunch reported it first. However, the security researcher who has highlighted this weakness of the State Bank of India has laid the condition of not disclosing the name.
Through the SBI Quick, the customers of the bank get the information about the missed calls and text messages. BAL has to send the keyword so that the bank identifies the registered mobile number of the customers and sends information to that number. Account balance and last five transaction details are available. Apart from this, ATM card blocks can also be made under this service.
TechCrunch has confirmed that back and text messages have been leaked, in which there are millions of message stores every day. Since no password was set in the database, all text messages in the cascators have been seen which are real time. These include the customer's phone numbers, bank balances and recent transactions.
These databases also have the portiographic account numbers of the customers. According to the report, this database access has also received information that the bank has sent approximately 3 million text messages only on Monday. This database has a daily archive of millions of text messages which is up to December i.e. anyone can view the financial information of these customers.
Without a password, the database can be quite dangerous for the sensitive information of the customer. Because it can access the information of the customers by accessing it, a hacker can collect them for doing wrong or fraud. The same can be easier for companies that advertise this database. Because the phone numbers of the customers are also given here.
State Bank of India has not yet issued any statement on this report. However, the State Bank of India has secured the database overnight.