India's largest bank has an unsecured server that allowed anyone to access financial information of millions of customers, like bank balances and recent transactions.
The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by customers of State Bank of India (SBI), the largest bank in the country and a highly ranked company in the Fortune 500.The bank server is not protected by password and other security algorithms that allows anyone to access the files stored on the server.
It's not known how long the server is compromised.
It was the back-end text message system that was exposed.
Anyone can see all the text messages going to customers in realtime, including their bank balances, phone number, recent transactions.
SBI claims more than 500 million customers across the globe, with 740 million accounts.
No comments:
Post a Comment