Account Data Of Millions Of SBI Customers, The Largest Bank In India Leaked

The vulnerability of the database of the largest bank in India, SBI made accessing its millions of customers information possible. The security breach which was revealed by a tech security researcher enables accessing the bank balances and recent transactions of millions of customers.

Unprotected Database Of SBI

An unprotected server base of the government-owned state bank of India, which is the largest bank in the country and highly rated by fortune 500 enables anybody to access the financial information of millions of its customers. The server which is hosted in a regional Mumbai-based data centre consists of two months of data from SBI quick, a text message and call based system used by customers to request for basic information about their bank accounts.
The range of period the server has been unprotected is not known, but a security researcher discovered it. The SBI quick enables any customer of the bank to text the bank, make a missed call as well retrieve information back by text message about their finances and accounts. This service is more suitable for millions of the bank’s customers who are not using a smartphone or having a limited data service.
Information can be obtained from the server through the use of predefined keywords such as “BAL” to obtain information related to an account balance. The service recognizes the customers registered phone number which the requested information will be sent to. The system also serves purposes such as obtaining Information on the last five transactions, blocking of an ATM card and making inquiries on car and house loans.

Exposed Back End Text Message System

The error in the system was caused by the exposure of the back end of the text message system of the servers as revealed by TechCrunch. The system was confirmed to have stored millions of messages, and three million messages were sent out on Monday.

Dangers Of The Unsecured Server

Karaini Sanni, a security researcher, noted that the unsecured server is very dangerous as the data available could be used to profile and target individuals that are known to have a high balance. He also stated that obtaining a phone number of the customer of the bank could be a tool to aid social engineering attack which is prevalent in the country.
The unprotected server has made the 500 million customers of the bank worldwide and its 740 million accounts prone to scammers. Curbing this type of vulnerability is essential for the safety of the financial world.

Related posts
BanksBinancebnbusdcryptocurrencyCryptocurrency NewsNews

Banks Refusing To Work With Crypto Will Pay A Hefty Price: Binance CEO CZ

The CEO of Binance has been very vocal about his stances on the cryptocurrency market. Yesterday, the CEO revealed he may have underestimated cryptocurrencies like DOGE, ETH, BTC, and BNB. He even emphasized DOGE’s impressive performance, despite holding zero Dogecoin….
BanksBitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTDeFiNewsxbtusd

ING Bank Says DeFi Could Be More Disruptive Than Bitcoin To The Financial Sector

CNBC recently reported that more American banks will be adopting Bitcoin, allowing their customers to buy, sell, and HODL through their bank accounts. This is according to Cryptocurrency custody firm NYDIG, whose recent partnership with Fidelity National information services could…
BinancebnbusdChangpeng ZhaocryptocurrencyDOGEdogecoinDOGEUSDNews

Binance’s CZ Is A Huge Fan Of DOGE Yet He Holds None

Dogecoin – the virtual asset which started as a parody of Bitcoin – has so far metamorphosed into a reliable store of value for some. The comedic cryptocurrency has been doing well since its inception in 2013 majorly as a…