New Delhi: Even before the issue of WhatsApp leaking information of Indian users could die down, Airtel has admitted that its mobile app could have put user data at risk.
If true, data of over 300 million users are at risk.
According to reports, the security flaw was found in the Airtel app’s Application programming interface (API), which could be easily exploited by hackers to access personal data of users by just using their mobile number. The bug was discovered by a Bengaluru-based security researcher, Ehraz Ahmed.
So what all information has been compromised? User’s name, address, birthday and IMEI number on which the app is installed are likely to have been given out.
“There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice,” an Airtel spokesperson was quoted as saying by the BBC. “Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms,” the Airtel spokesperson added.
According to the Telecom Regulatory Authority of India (TRAI) report, Airtel had close to 325 million active subscribers by the end of September 2019. It has the third-largest subscriber base after Vodafone-Idea (372 million) and Reliance Jio (355 million).
In October this year, a local search service named Justdial was found to have a flaw in its API that could have potentially affected 156 million users in India.
In November, Ehraz alerted Truecaller about a similar flaw.