The State Bank of India that left a database containing personal information exposed online.
The discovery was made by an anonymous security researcher that has found a server used for the bank’s Quick service, a mobile-based information service. Quick is “a free service from the Bank where in you can get your Account Balance, Mini Statement and more just by giving a Missed Call or sending an SMS with pre-defined keywords to pre-defined mobile numbers from your registered mobile number.”
The database was exposed online without protection and the database was located could gain access to the plaintext information it contained.
The archive contained millions of text messages, going back to December, that were exchanged by the bank with its customers. Exposed data includes the customer’s phone number, partial bank account number, bank balance and records of transactions.
The good news is that the State Bank of India quickly fixed the issue within hours after it was informed of the problem, unfortunately, it is not known how long the data remained exposed online or whether threat actors accessed to the huge trove of information.
The availability of this information poses a serious risk to bank customers, threat actors could use it to target bank customers.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – data breach, State Bank of India)
[adrotate banner=”5″] [adrotate banner=”13″]
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
This website uses cookies.