State Bank of India (SBI) is one of the most secured financial institutions in India. It lives by its fame of impeccable security to protect user information. Ironically, the bank forgot to fortify the security of users by forgetting to apply a password to the server.
The risk of user information leak ranging to millions loomed largely. One of its installations in Mumbai unintentionally overlooked the stringent protocols to secure the server hosting infrastructure.
Also Read:
Home Loans Get Costlier AS ICICI, SBI Increase Rates
This server is responsible for hosting account details, transactions, bank balance, and stored information of SBI Quick of two months time span.
There is no news of any cyber attack on the vulnerable server. The server was not password protected and was open for access. SBI reportedly fixed the server immediately after it realized the slack.
It is not known whether anyone has entered the unsecured server yet. The server was designated to maintain SBI Quick information storing sensitive user information such as mobile numbers.
This irresponsible act might have led to identity theft and fraudulent transactions. The breach in security was detected by a researcher in the security division. It was then verified by Karan Saini, the researcher who previously detected a leak in the Aadhar database of India.
India needs stronger and stringent IT laws regarding data protection. The usability and security of sensitive information are still threatened by the strong loopholes in the weak laws.
Also Read:
SBI Incurs Losses Amounting to Rs 7,718 Crore As Provisions More Than Double
If a company or any concerned person is entitled to collect data, it should be the entity’s responsibility to keep it safe and use it only if the user allows.
