As per recent reports, several vulnerabilities in the system of the popular telecom operator, Vodafone Idea has managed to expose the call data records of nearly 20 million postpaid customers, CyberX9, a cyber security research firm said in a report.
However, Vodafone Idea simply responded by saying that there was no data breach and potential vulnerabilities in its billing communication were immediately rectified after it learned about the same. As noted in CyberX9’s report, the vulnerability exposed postpaid customers’ call data records, comprising the time when a call was made, duration of the call, the location from which the call was made, customer’s full name and address, SMS details comprising contact number to which it was sent, among others.
In addition to this, it is being said that, CyberX9’s founder, as well as managing director Himanshu Pathak, told PTI that the said fir had shared their entire findings with VI via email and a company official had also acknowledged the vulnerabilities on August 24. Also, Pathak said CyberX9 reported details to Vi on August 22.
“Later on August 22, 2022, Vi confirmed the receipt of our report. Vodafone Idea acknowledged the vulnerabilities discovered and reported by us on August 24, 2022,” Pathak said.
Commenting on the same, Vodafone Idea said, “There is no data breach as alleged in the report. The report is false and malicious. Vi has a robust IT security framework to keep our customer data safe.”
“We regularly conduct checks and audits to further strengthen our security framework. We learned about a potential vulnerability in billing communication. This was immediately fixed and a thorough forensic analysis was conducted to ascertain no data breach,” it said.
Apart from this, the company also mentioned that they had notified about potential vulnerabilities to appropriate agencies and managed to make due disclosures, adding “Vi customer data remains fully safe and secure.”
“Vi was exposing millions of customer’s call logs and other sensitive data for at least last about two years. In that massive time period, multiple criminal hackers might have stolen this data.
“It is the absurd and baseless claim of Vi that they’ve done a forensic audit and no breach was found. Such a detailed forensic audit would at least take a couple of months to be done,” CyberX9 said
Lastly, CyberX9 claimed in a report that, around 301 million people were exposed due to this vulnerability. Not just that, CyberX9 found that call data records of about 20.6 million Vi postpaid customers were exposed. This comprised of internet usage records, call records, roaming details as well as SMS records.
Noted in a report by cnbctv18, The cyber security firm claimed that the personal data of 55 million people, including those who have left Vi and those who only showed interest in getting a Vi connection, was at risk.
Reading so far, I hope you must have gotten a fair insight into the data of nearly 20 million postpaid customers of Vodafone Idea which was exposed, and by now I believe you will be able to decide on your own whether or not you think it was the right thing to do and what do you think will be their next step!
In conclusion, what are your thoughts on CyberX9’s report for exposed data of 20 million postpaid customers? Do let us know in the comments area below. To know more about such reports, do check out other articles we have on our website. Thank you for your time & if you found our content informative, do share it with your investor friends!
Also Read: Water purification startup Drinkprime raises Rs. 60 crores in funding!