Data of over 32 crore subscribers of telecom major Airtel were exposed and became vulnerable due to a serious security flaw in its mobile application.
Ehraz Ahmed, a Bengaluru-based researcher, who first noticed the fault, said in his blog written on Friday (7 December) that the flaw existed in one of Airtel's API (Application Program Interface) that allowed people to fetch sensitive user information of any Airtel subscriber.
According to reports, Airtel confirmed the breach saying that it has fixed the security flaw associated with its application. Ahmed also posted a video, which shows a script being used to fetch the information from the Airtel mobile app's API.
"It revealed information like First and Last Name, Gender, Email, Date of Birth, Address, Subscription Information, Device Capability information for 4G, 3G & GPRS, Network Information, Activation Date, User Type [Prepaid/Postpaid] And Current IMEI number," he wrote in his blog.
The IMEI number can be used to identify the device of an user. According to the blog, every user on Airtel network was at the risk of getting his/her information leaked through this vulnerability.
Airtel is the third largest telecom service provider in the country in terms of subscribers after Vodafone-Idea and Reliance Jio.
(This story has been published from a wire agency feed without modifications to the text. Only the headline has been changed.)
As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.
Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.
We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.
Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.