It is one of the most popular and widely-respected of all telecom companies around the world. In India, if it might be said, its standing is simply unrivaled where the bastion of telecom companies stand. It’s big, it’s profit-making, and it’s also considered among the superior telecom players in an industry where there’s hardly any dearth of competition- this being an age where the need to be ‘constantly connected’ is simply-paramount.
But guess what? Airtel will have to take the blame for having perhaps committed a gaffe that may not be liked by any of its customers.
Truth be told, there is no rocket science theory to this. Just like the need to be connected in an age where data-sharing and information exchange is as vital as is the undeniable need to breathe, the need to ensure data security has never quite been more important.
To that end, the fact that the current piece of news suggests that there may have been a massive data breach on the part of Airtel pertaining to a gaffe that occurred in connection to Airtel’s mobile app comes across as a surprise.
So what exactly has happened that has sent a shockwave down everyone’s spine aware of this Airtel blunder- if at all, it warrants to be called so?
It is believed that there has been a security breach in Airtel’s mobile app- may have caused the exposure of vital private customer details. These pertain to user names, addresses, e-mail addresses as well as IMEI numbers.
But at this point in time, here is what India Today reported on the developing story:
Airtel has fixed a serious security flaw in its eponymous Airtel mobile app that could have put the data of over 300 million users who avail the company’s telecom services, at risk. The vulnerability was associated with the Airtel app’s API (application programming interface) and could have been exploited by malicious parties to access the personal data of users by just using their mobile number. The security flaw in the Airtel app could provide access to information such as the name of users, emails, birthday, residential address, and the IMEI number of the device on which the app was installed. The flaw has been fixed once it was brought to the telco’s attention.
That is not all. The widely-read media would go on to add- the security flaw in the Airtel app – which appears to have been relatively easy to find for a hacker with the appropriate technical know-how – was discovered by Bengaluru-based security researcher, Ehraz Ahmed. In a statement to Gadgets 360, Ahmed said, “The flaw exists in one of their API that allows you to fetch sensitive user information of any Airtel subscriber. It revealed information like First & Last Name, Gender, Email, Date of Birth, Address, Subscription Information, Device Capability information for 4G, 3G & GPRS, Network Information, Activation Date, User Type [Prepaid/Postpaid] And Current IMEI number.”
While Airtel submitting that it has already fixed the flaw comes across a desperate breathing space for the brand that may have been found wanting! In fact, the technical flaw was actually first notified by the BBC.