Airtel’s Security Breach or Manual Error, Allows Access to Others Account Details [ Reported n Fixed ]

By July 9th, 2013 AT 2:48 AM

When we talk about Telecom operator Airtel comes one step ahead of other operators, be it design or the content they score one step ahead of others but one small technical error had shaken customer’s confidence in the brand.

This is what happened recently, an Airtel customer and an avid reader of TelecomTalk Vaibhav Gera who hails from Delhi identified an additional account no. reflecting in his account on the app having access to some other users account details though it’s a privacy issue and a bug.

@vaibhav_Gera
@vaibhav_Gera

As a responsible customer he tweeted and informed the same to @airtel_presence on twitter and the team promised to call him back and resolve the issue.

Considering the gravity of the issue, Vaibhav simultaneously brought it up with us and on our pursuing the matter with @airtel_presence, to get a quick resolution.

The Bug reported by Vaibhav on Airtel’s Portal :

  1. The flaw allowed Vibhav to access 3rd party account details.
  2. The flaw can also be used to send e-bill to the linked user any number of times.
  3. The flaw can also can be used to raise service request from the linked user to airtel and which may lead to activation and deactivation of services.
  4. The flaw also allowed access to view previous bill details of linked user .

my airtel_screenshot2

Meanwhile, Airtel has confirmed to us that their processes have been designed to protect the customer privacy and we follow stringent processes while updating any customer data, hence it is one of the rare incident that has taken place. Airtel has also built-in further checks and balances to avoid such occurrences .

Drop a mail at news @ telecomtalk dot info

3
Leave a Reply

avatar
Photo and Image Files
 
 
 
2 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
DUANEsrikanth Recent comment authors
newest oldest most voted
DUANE
DUANE

This is not a “rare incident” as claimed above (RED). I have a fancy number (AIRTEL Postpaid) and various people have added in my number on their DTH account (seems thru IVR). This allows me to ORDER MOVIES and CHANGE PACKAGES as well as ADD-ON PACKS into any of their accounts!! List with Customer names, etc, available with me!!

Highlighted the Security Breach to Airtel Top Management (DTH) who have reverted that its been “noted”.

srikanth
srikanth

hmmmmm ….is airtel money safe?

DUANE
DUANE

Try it… if you get looted (sic) let me know !!!
On a serious note though … I have been using it for last 2 months, done transactions >25K (Mobile + DTH + Landline) and no issue so far 🙂

Recent Posts

Airtel Digital TV Offering Discounted NCF of Rs 80 on Second Connection, Reveals Multi-TV Policy

More and more DTH operators are coming up with their multi-TV policies as the days pass. The new mandate by...

BSNL Revision Spree Continues, Telco Reduces Validity of Rs 666 Prepaid Plan

Since the start of February 2019, BSNL has been aggressively revising its tariff plans. While some of the changes it...

Individual Channels vs DTH Recommended Packs After Trai Mandate: How it Affects Your Overall Monthly Bill?

The Telecom Regulatory Authority of India’s new mandate regarding the prices of channels and cable TV subscription has brought a...