The data leak case of India’s largest bank State Bank of India has emerged. According to a report by American Tech Website TechCrunch, the bank’s server was without password. For this reason information of millions of customers can be accessed. This bank’s server is in the Mumbai based data center.
This data center has 2 months of data stored in SBI Quick. SBI Quick is a system whereby the basic information pertaining to account holders and the basic information related to the account is given. Due to not being secure it has been easy to access.
According to reports, it is unclear how long this server is open and unprotected. A security researcher found the server open and TechCrunch reported it first. However, the security researcher who has highlighted this weakness of the State Bank of India has laid the condition of not disclosing the name.
Through the SBI Quick, the customers of the bank get the information about the missed calls and text messages. The user has to send BAL keyword so that the bank identifies the registered mobile number of the customers and sends information to that number. Account balance and last five transaction details are available. Apart from this, ATM card blocks can also be made under this service.
TechCrunch has confirmed that bank and text messages have been leaked, in which there are millions of message stored every day. Since no password was set in the database, all text messages in the database have been seen which are real time. These include the customer’s phone numbers, bank balances and resent transactions.
These databases also have the partial account numbers of the customers. According to the report, this database access has also received information that the bank has sent approximately 3 million text messages only on Monday. This database has a daily archive of millions of text messages which is up to December i.e. anyone can view the financial information of these customers.