A serious security flaw was detected in the mobile application of Bharti Airtel
late Friday, prompting nervous subscribers to reach out to the telecom
operator. The flaw, which was feared to have exposed data of over 300 million users to potential hackers, kept the social media abuzz all of Saturday. However, the company termed the snag part of a routine trial and testing of new applications on its network, adding it had been fixed.
The flaw existed in the application programming interface (API) of the Airtel
smartphone app, where sensitive information of Airtel
users can be found. The glitch was discovered by independent security researcher Ehraz Ahmed, and later notified to the operator. The problem exposed user information like first and last name, gender, email, date of birth, address, subscription details, device compatibility for 4G, 3G, network information, activation date, user type (prepaid/postpaid), and even the IMEI number.
An Airtel spokesperson said, “There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice. Airtel’s digital platforms are highly secure. Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms.”
The Union Cabinet last week cleared the Personal Data Protection Bill.