Recently ,State bank of India (SBI) reported a data breach . Hackers targeted an unprotected server which contained private financial data of millions of SBI users .
In addition , SBI is one of the India’s biggest bank . A huge conglomerate getting hacked is indeed an issue of how irresponsible big companies are related to the security of their customers .
The hacked server belonged to SBI’s SMS-based data inquiry service SBI quick . This service allowed SBI users to quickly check their bank balance and recent transactions . It was very easy for any technical mind to take advantage of this flaw in the server .
However , If you’ve subscribed to SBI quick , then you should worry a little and keep yourself safe from any eavesdropper . Furthermore , if you haven’t subscribed to SBI quick , chances are your data is secure .
What kind of data was leaked ?
The database contained user’s phone number, account balance , recent transactions, partial account number and archives of millions of text messages from December .
However , it is still unknown for how long the database server was left vulnerable . The report of this breach was first given by TechCrunch . An anonymous security researcher alerted TechCrunch of the SBI’s unsecured data server .
SBI has around 75 crore bank accounts , and this hack would’ve put their information on risk . This unprotected server was then reported to SBI and India’s National Critical Information Infrastructure Protection Centre . In conclusion, they secured it .
Should you worry as an SBI customer ?
Yes and No . No critical information was leaked such as usernames and passwords . However , still any skilled hacker can take advantage of the leaked information in performing social engineering attacks on users .
How to be safe from this type of data leaks ?
- Avoid using free public Wi-Fi . As, they are highly unsecure . Any Individual using the same Wi-Fi can easily monitor and intercept your data .
- Don’t share your personal details with anyone.
- Change passwords regularly , as it may prevent any hacker from having persistence on your compromised accounts .