SBI left data of millions of customers unprotected for two months: Report

The bank's server was not password-protected, allowing anyone with the technical know-how to access the data of millions of customers' information. 

Published: 31st January 2019 01:04 PM  |   Last Updated: 31st January 2019 01:19 PM   |  A+A-

State Bank of India (Photo | File/Reuters)

By Online Desk

A data security scandal has hit India's largest public sector bank after a media report claimed that State Bank of India left a server with banking data (bank balances, recent transactions) of its customers unprotected for two months. SBI has now secured the server. 

According to a report by Techcrunch, the server which is hosted in a regional Mumbai-based data centre, stored two months of data from SBI Quick meant for users to request basic info about their bank accounts via a text message or on a call. 

The report goes on to point how the bank's server was not password-protected, allowing anyone with the technical know-how to access the data of millions of customers' information. According to Google Playstore, there have been 10-million-plus installs of the SBI Quick app.

Techcrunch claimed the passwordless database allowed them "to see all of the text messages going to customers in real time, including their phone numbers, bank balances and recent transactions".

TechCrunch verified the authenticity of the server by asking an India-based security researcher to use SBI Quick and within seconds, his number, as well as the bank's response, were available on the compromised server. 

The report says the server revealed that the bank sent over three million text messages to its consumers on a single day - Monday - itself. 

SBI Quick offers an easy way to its consumers to get basic information about like their account balance, mini statement, cheque book, and more with the bank. 

India's largest public sector bank with a $47.5 billion revenue stood 216th in the last Fortune 500 list of the world's biggest corporations.

Stay up to date on all the latest Business news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp