There are serious security concerns over Airtel’s mobile app and as per a recent report, it could have exposed the data of its nearly 325 million customer base. This would include personal information such as names, emails, birthdays, addresses, and even IMEI numbers of their mobile devices. After this, Airtel has acknowledged the issue on its mobile app and issued a fix for the same as well.
The bug was located in the Application Program Interface (API) of Airtel’s mobile app. As per independent security researcher Ehraz Ahmed, it took him about 15 minutes to find the flaw. He went on to post a video and showed a script being used to extract the information from the Airtel mobile app’s API.
Information provided on blog
He took to his blog and wrote that this case study was only made public after the issue was acknowledged and subsequently fixed by Airtel. As per the report on BBC the flaw could well have allowed hackers to access subscriber’s details which include names, emails, birthdays and addresses by simply getting access to their mobile numbers.
“There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice. Airtel’s digital platforms are highly secure. Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms,” an Airtel spokesperson responded to a query posted by indianexpress.com.
This privacy infringement will once again raise some serious questions as the company is the third-largest telecom operator in India, as per TRAI’s data. As things stand right now, the biggest telecom operator is Vodafone-Idea with 372 million active subscribers. They are then followed by Reliance Jio with 355 million active users. For Airtel users, it is recommended they upgrade it to the latest version of app.