https://techcrunch.com/2019/01/30/state-bank-india-data-leak/
By Zack Whittaker
TechCrunch
January 30, 2019
India's largest bank has secured an unprotected server that allowed anyone
to access financial information on millions of its customers, like bank
balances and recent transactions.
The server, hosted in a regional Mumbai-based data center, stored two
months of data from SBI Quick, a text message and call-based system used
to request basic information about their bank accounts by customers of the
government-owned State Bank of India (SBI), the largest bank in the
country and a highly ranked company in the Fortune 500.
But the bank had not protected the server with a password, allowing anyone
who knew where to look to access the data on millions of customers'
information.
It's not known for how long the server was open, but long enough for it to
be discovered by a security researcher, who told TechCrunch of the leak,
but did not want to be named for the story.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
