A bug was found in India’s third largest mobile network Airtel, which has been fixed by the company at the moment. Due to this, personal data of more than 300 million users of the company could be endangered. This flaw was discovered in the application program interface (API) of the Airtel mobile app. With this, hackers could steal their personal data using only the customer’s number.
The customers’ data that could be stolen included names, e-mails, birthdays and addresses. At present, Airtel has rectified this flaw after being told by the BBC. A spokesperson for Airtel told the BBC that one of our testing APIs had a technical problem. As soon as we get information about it, we have fixed it.
The spokesperson further said, ‘Airtel’s digital platforms are completely safe. Customer privacy is very important for us and we use the best solutions to ensure the security of our digital platforms.
This flaw of Airtel was detected by Independent Security Researcher Ehraz Ahmed. The researcher told the publication that it took me only 15 minutes to find this flaw.
Apart from the information mentioned above, the International Mobile Equipment Identity (IMEI) number of customers was also accessible. This IMEI number is the unique numerical identity of a mobile device.
Let us tell you that according to the report of TRAI, by the end of September 2019, Airtel had around 325 million active subscribers. The company is the third largest company in India after Vodafone Idea and Reliance Jio. In such a situation, personal data of such users could have gone into the wrong hands and something untoward could have happened. However, the newly discovered flaw has been removed and customer data has been secured.