The State Bank of India reportedly has leaked data from millions of customer accounts, including account numbers, balances, recent transactions and other details.
The source of the leaked information was an unsecured server housed in a Mumbai data center, according to a report by Tech Crunch. The vulnerability, which was discovered by a security researcher, has since been fixed.
The exposed information consisted of two months-worth of text messages between the bank’s SBI Quick service and account holders who do not have smartphones.
Customers can send simple text commands through SBI Quick to retrieve account information, including balance, recent transactions, to block an ATM card and to inquire about loans.
Cybercriminals potentially could use the exposed information to carry out phishing attacks against individual customers, the report said
To read the original article;