Thursday, December 3, 2020
Home Economy and Finance SBI data breach: Bank forgets to password secure its server, ends up compromising customer...

SBI data breach: Bank forgets to password secure its server, ends up compromising customer details

According to findings, this unsecured bank server was part of SBI Quick.

What can be called serious negligence on the part of India’s largest bank, the State Bank of India (SBI) forgot to secure its server hosting sensitive information in one of its Mumbai installations, allowing anyone to access financial information like bank balances and recent transactions of millions of its customers?

It is being anticipated that due to this blunder, information related to bank balance, bank account number and other key bits were leaked.

According to a report published by Techcrunch, a tip-off from an anonymous security researcher highlighted that “the bank had not protected the server with a password, allowing anyone who knew where to look to access the data on millions of customers’ information”.

Though there is no surety as to how long this lapse persisted, it was rectified soon after Techcrunch approached the bank and informed about the glitch.

None of the SBI officials commented on this matter.

According to findings, this unsecured bank server was part of SBI Quick. This facility allows the bank customers to send a message or make a call to carry out basic banking functions.

According to the information provided on the bank’s website, the ‘SBI Quick – MISSED CALL BANKING is a free service from the Bank wherein you can get your Account Balance, Mini Statement and more just by giving a Missed Call or sending an SMS with pre-defined keywords to pre-defined mobile numbers from your registered mobile number.’

Meanwhile, what makes it more concerning is that because this particular app connects the customer’s phone number to his/her account, the data leaked from the bank’s server can be used by identity thieves or scammers to swindle money from bank’s accounts.

The report issued by Techcrunch noted that after gaining entry to the unsecured SBI server, the Techcrunch team was able to see “text messages going to customers in real-time, including their phone numbers, bank balances, and recent transactions The bank sent out close to three million text messages on Monday alone.” The server also allowed access to the archive of messages till December 2018, that were supposedly sent to SBI users.

Its database also contained the customer’s partial bank account number, confirmed Techcrunch.

The India-based security researcher, Karan Saini asserted that “the data could be potentially used to profile and target individuals that are known to have high account balances”.

Saini also confirmed that knowing a phone number “could be used to aid social engineering attacks- which is one of the most common attack vectors in the country with regard to financial fraud,” he said.

Recently, State Bank of India (SBI) had alleged misuse of Aadhaar data. Logins and biometrics of their Aadhaar operators have been misused to generate unauthorised Aadhaar cards, bank officials informed UIDAI.

However, the Unique Identification Authority of India (UIDAI), the authority that established the database, had rubbished SBI’s claims.

SBI has more than 500 million customers across the world, with 740 million accounts.

  Support Us  

Whether NDTV or 'The Wire', they never have to worry about funds. In name of saving democracy, they get money from various sources. We need your support to fight them. Please contribute whatever you can afford

OpIndia Staffhttps://www.opindia.com
Staff reporter at OpIndia

Related Articles

Trending now

Here are 5 fear-mongering claims about the COVID vaccine, because even Harbhajan Singh is not ‘immune’ to rumours

Debunking claims about Covid-19 vaccine is the need of the hour as celebrities and influencers have started posting misleading information.

Mamata Banerjee brags about knowing 14 languages to compete with PM Modi, then says ‘I don’t like to show-off’: Read what happened

Well, the iconic "caa caa chi chi" song by Mamata Banerjee does not leave an iota of doubt on how talented the WB CM is

Kangana Ranaut vs Diljit Dosanjh fight turns ugly, she calls him Karan Johar’s pet dog

Days after Kangana mistook an elderly lady in Punjab farmers' protest for Bilkis Bano of Shaheen Bagh 'protests', Punjabi singer-actor Diljit Dosanjh got into a war of words with her on Twitter.

Swati Chaturvedi wants to sue Twitter user and send him to jail for exposing her history of manipulated media

Swati Chaturvedi wants to sue someone for pointing out she shared photoshopped image after having apologised for sharing the same photoshopped image.

Rahul Gandhi spreads misinformation and creates confusion regarding coronavirus vaccines. Here are the facts

It is shocking that Rahul Gandhi, instead of allaying fears of the public at the time of health emergency, has now chosen to play his pity politics on the issue of coronavirus vaccines.

Exposing hypocrisy of Congress, CPIM, Bharatiya Kisan Union and even Justin Trudeau over the Farm Bills 2020, point by point

The industry scale hypocrisy surrounding the protests around Farm Laws is staggering

Recently Popular

Ex-Indian cricketer Yuvraj Singh’s father Yograj Singh joins Farmer’s protests, justifies “Indira thok di” comment

Multiple videos of Yograj Singh, Yuvraj Singh's father, have gone viral on social media where he has been giving provocative speeches amid the ongoing farmer protests

Indian man proposes to his Australian girlfriend during Ind vs Aus cricket match, here is what happened next

While India's performance has been below par, netizens found happiness in the unusual proposal that became the highlight of the match.

Even pandering doesn’t get India Today a free pass: Here is why ‘liberals’ are today cancelling Rajdeep and Rahul Kanwal

'Liberals' are cancelling India Today, Rajdeep Sardesai and Rahul Kanwal over their coverage of the allegations against Shehla Rashid

Mirzapur: Three Brahmin boys found dead, family says they were murdered with eyes gouged out, police deny

The three cousins: 14-year-old Sudhanshu Tiwari, 14-year-old Shivam Tiwari and Hariom Tiwari were mysteriously found dead in a pond in the Lalganj police station area, Mirzapur.

MDH Masala owner Mahashay Dharampal Gulati passes away at 97

Mahashay Dharampal Gulati, the owner of the spices brand 'MDH' passed away on Thursday morning following a cardiac arrest.

Webchutney: A marketing company with a ‘liberal’ CEO that seems to be dragging Swiggy through the mud

Food delivery app Swiggy recently stoked controversy by responding to a troll account taking an extreme political side

PM Modi gave me pension, my sons assaulted me: Watch video of 85-year-old woman who wants to give 12-bigha land to PM Modi

The elderly woman said that while PM Modi gave her pension, her sons physically assaulted her, hence, she wanted to give land to him

Here are 5 fear-mongering claims about the COVID vaccine, because even Harbhajan Singh is not ‘immune’ to rumours

Debunking claims about Covid-19 vaccine is the need of the hour as celebrities and influencers have started posting misleading information.

Mamata Banerjee brags about knowing 14 languages to compete with PM Modi, then says ‘I don’t like to show-off’: Read what happened

Well, the iconic "caa caa chi chi" song by Mamata Banerjee does not leave an iota of doubt on how talented the WB CM is

Kangana Ranaut vs Diljit Dosanjh fight turns ugly, she calls him Karan Johar’s pet dog

Days after Kangana mistook an elderly lady in Punjab farmers' protest for Bilkis Bano of Shaheen Bagh 'protests', Punjabi singer-actor Diljit Dosanjh got into a war of words with her on Twitter.

Mangaluru police arrest online food delivery agent Nazeer Mohammad for painting graffitis hailing Islamic terror

The graffiti warned 'sanghis' and 'Manuvadis' that Lashkar and Taliban will be invited to deal with them.

Swati Chaturvedi wants to sue Twitter user and send him to jail for exposing her history of manipulated media

Swati Chaturvedi wants to sue someone for pointing out she shared photoshopped image after having apologised for sharing the same photoshopped image.

As China edges towards a food crisis, it looks at India to feed its citizens

Chinese President XI Jinping had launched Operation Empty Plate in the country in August to prevent wastage of food.

‘Why this selectivity?’, India slams UNGA for not speaking against persecution of followers of Indic religions as it does for Abrahamic religions

During 75th Session of the UNGA, India exercised its 'Right of Reply' and spoke on the selectivity of the UN resolutions passed last month.

Kerala: Enforcement Directorate raids residence of PFI leaders in Thiruvananthapuram and 4 other places

The PFI is under scanner for its alleged involvement in anti-Hindu Delhi Riots earlier this year

Bengaluru riots: CCB officials nab another absconding Congress leader Rakib Zakir

Zakir is the second corporator to get arrested in the Bengaluru riots case. Earlier, the CCB officials had arrested Congress leader and former mayor R Sampath Raj.

Connect with us

245,563FansLike
492,457FollowersFollow
20,300SubscribersSubscribe