SBI Account Holders left in Shock After discovering the truth behind their information security:
News that would blow your mind away in an unexpected manner. To all those who possess an account in one of the leading and biggest banks of the country " The State Bank of India," according to a recent report by Times of India the information could be accessed by "anyone who knew where the information was located."
Speculations were made that customer’s personal information such as his bank balance that could be in cores, is at the risk of being getting leaked, Claimed the Times of India report citing TechCrunch, a technology news publisher in the US.
According to the daily, TechCrunch said SBI account holder’s information is available to any random person who knew where to look for it. The data may be at risk as the bank official’s stores text messages of the customers in an unsecured server. This was a big reason for the customers who have a massive sum of money stored in their accounts.
According to the daily, the server held two months of data from SBI Quick-a service that allows the customers to acquire basic account information by sending an SMS or through a missed call. The text messages usually contain the account balance or the previous transactions or mostly the last five the report claimed.
Other than text messages, a registered mobile number could also be accessed by the server. The report also said that TechCrunch shared masked screenshots of text message details which provided recent transactions that the customer has made.
According to the daily, after the news got viral, SBI on being alerted about the issue quickly secured the server with a password.
Based on the initial probe it is confirmed that SBI’s data still remains to be secured and all the customer profiles and their financial records are safe. The bank is further investigating the issue, going through various components of the ecosystem to clarify that there is no other impact of the situation on to the customer’s security.SBI said to a query.
Unlike the US and other countries in the west, there are no such notification norms in India. These norms look into the privacy of the customer and consistently alert them about the risks that they are exposed to and alert them in advance to change their passwords and make other necessary changes to avoid any kind of loss. TechCrunch notified that it did not know for how long the server was open.
According to the daily, the biggest breach in recent months was at the Marriot hotels where details of over 500 million customers were said to have been exposed off. This was the biggest than ever.
However in case of SBI, the credentials of the customers were not exposed, but anyone who knew the server address when it was leaked could have retained the customer’s mobile number and data pertaining to recent transactions that were being made using the SBI Quick. This service involves banking by giving a missed call or sending an SMS with predefined keywords to pre-defined mobile numbers.
The Tol report citing cybersecurity experts said this information can be considered by fraudsters to impersonate bank officials and convince innocent account holders to give up their debit card details.