Uninor the sixth largest GSM operator in India seems to mess up with public data lately on their website. A recent study by Telecomtalk.info on Uninor’s website reveals that Uninor has accidentally made public data ‘PUBLIC’ on their website.
So long Uninor had set a bench mark in Indian telecom space by offering special recharges and are considered to be one of those leading innovative operators be it advertising or any tariff plan.
Uninor is also considered to offer one of the cheapest tariffs among all operators and in past had held many records for being innovative and for its concern to make the planet green.
But one bug in the system crashes all repute. Just like other operator Uninor too offers its customers to take new connection through their Contact Us (http://www.uninor.in/uninornewconn/getconnected/Pages/Contactus.aspx) page in their website against of which willing customers need to provide their details.
The contact us page also offers customers to know about various services available with the operator for which customers need to fill appropriate details.
All the relevant details of the customers are stored in Uninor’s public domain which is easily accessible by the public at any point of time. Now this is an alarming situation because the Indian Telecom Act itself secures the mobile numbers of Indian customers since it cannot be made public due to privacy reasons unlike landline numbers publishes by BSNL through phone directories.
The URL (Link not attached on purpose) shows all the private details entered by public made easily available in just a click of a mouse breaching security.
We at Telecomtalk also tested the same just to make sure that data what we see is not old useless stuff but we also tested the same in real time with our id and contact details and viola our stuffs was also listed in public which proves the lack of security.
Like that (The Buggy Link not attached on purpose) has nearly 10K customers mobile numbers, location info ,E-mail id this can be easily misused by Telemarketers. So if Uninor guys are reading this please make sure the details are hidden or make it private as soon as possible before things go out of hands.
This is not the first time a operator has leaked Customers details in public domain long time back even Tata Indicom had a similar issue after TT’s post about it the operator sorted out the issue in few hours .Now we have to wait and watch how long does Uninor take to rectify the bug.
Update [July -02] :- Uninor has finally fixed its bug now !
Update [October -04] :- The bug is still live and active !
A Happy Geek and a Network Research Engineer with a really cool day job…