CyberX9 says data of 20 million postpaid customers of Vodafone Idea exposed; telco denies claim
PTI, Aug 28, 2022, 6:10 PM IST
New Delhi: Multiple vulnerabilities in the system of telecom operator Vodafone Idea has exposed the call data records of around 20 million postpaid customers, cyber security research firm CyberX9 said in a report. Vodafone Idea (Vi), however, said there was no data breach and potential vulnerability in its billing communication was immediately fixed after it learned about it.
According to the CyberX9 report, the vulnerability exposed postpaid customers’ call data records, comprising the time when a call was made, duration of call, location from which the call was made, customer’s full name and address, SMS details comprising contact number to which it was sent, among others.
CyberX9 founder and Managing Director Himanshu Pathak told PTI that the firm had shared entire findings with Vodafone Idea through email and a company official had acknowledged the vulnerability on August 24.
Pathak said CyberX9 reported details to Vi on August 22. ”Later on August 22, 2022, Vi confirmed the receipt of our report. Vodafone Idea acknowledged the vulnerabilities discovered and reported by us on August 24, 2022,” Pathak said.
When contacted, Vodafone Idea said, ”There is no data breach as alleged in the report. The report is false and malicious. Vi has a robust IT security framework to keep our customer data safe.”
”We regularly conduct checks and audits to further strengthen our security framework. We learnt about a potential vulnerability in billing communication. This was immediately fixed and a thorough forensic analysis was conducted to ascertain no data breach,” it said.
The company further said that it has notified about the potential vulnerability to appropriate agencies and made due disclosures, adding, ”Vi customer data remains fully safe and secure.”
The company has also made disclosure of the vulnerability on its website.
However, CyberX9 has contested the claim. ”Vi was exposing millions of customers call logs and other sensitive data for at least last about two years. In that massive time period, multiple criminal hackers might have stolen this data.
”It is absurd and baseless claim of Vi that they’ve done a forensic audit and no breach was found. Such a detailed forensic audit would at least take couple of months to be done,” CyberX9 said.
The CyberX9 report claimed that data of around 301 million people was exposed due to this vulnerability. CyberX9 found that call data records of 20.6 million Vi postpaid customers was exposed. This comprised personal data, call records, SMS records, internet usage records and roaming details.
The cyber security firm claimed that personal data of 55 million people, including those who have left Vi and those who only showed interest in getting a Vi connection, was at risk.
Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.
Top News
Related Articles More
RBI: After another status quo year, all eyes on a growth-propping rate cut with new Guv at helm
Front-running case: Sebi bans 9 entities from market , impounds illegal gains of over Rs 21 crore
Global trends, FIIs’ move to dictate trends in markets in holiday-shortened week: Analysts
GST Council postpones decision to cut tax on insurance, rate panel defers report submission
GST Council meet to decide on lower taxes on insurance policies, ATF inclusion
MUST WATCH
Latest Additions
Kannada Sahitya Sammelana: Food distribution creates stir
Rohit gets hit in nets, practice pitches on slower side
India & Kuwait elevate ties to strategic level; ink defence pact after PM Modi meets top Kuwaiti leaders
In Kuwait, PM Modi meets yoga practitioner, other influencers from Gulf country
Notorious gangster wanted in UAPA case arrested at Nepal border
Thanks for visiting Udayavani
You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.