BSNL posted private customer data on Twitter revealing phone number, recharge details

By Digit NewsDesk | Published on 09 Mar 2018

The telco, while responding to a user’s complaint on Twitter, posted his phone number, recharge history and deductions.

BSNL posted private customer data on Twitter revealing phone number, recharge details

BSNL landed themselves in hot water recently as they publicly posted personal data of one of their consumers on Twitter. A user called out the company on the micro-blogging website and in response the company’s official Twitter handle posted all the recent deductions and recharge details of the user, along with his phone number. Shortly after, the company deleted the tweet, however, a screenshot of it was already taken and posted on Reddit.

This is not the first time BSNL has come under fire. Elliot Anderson, the cybersecurity expert, on Twitter claimed that he was able to hack into many of the company’s websites and obtain their employee data. However, BSNL said that the hacked domains were publicly listed URLs and didn’t contain any customer or employee data.“BSNL, being one of the largest Telecom Operators in India, is fully prepared to prevent any data loss related to its employees, customers or stakeholders,” said the state-run telecom operator. 

Anderson had also previously discovered vulnerabilities in the m-Aadhaar app. He revealed how anyone with some programming knowledge can bypass the apps’ security and steal a users data. In a Tweetstorm, he showed that the password for the local database, which the mAadhaar app makes use of for storing critical information such as KYC profile data, biometric preferences, and user passwords, can be easily acquired. This means that if someone acquires to your smartphone, the Mobile Aadhaar PIN can be easily compromised. You can read our in-depth coverage of this issue here

Speaking of vulnerabilities and data leaks, in July last year, a database of Reliance Jio’s user information was leaked online. The telcos customers’ information like Aadhaar number, email ids and more were available online. The company responded to the leaks saying that the leaked data is unauthentic and their user’s data securely maintained. 

In December last year, Airtel was also banned from conducting Aadhaar-SIM linking and e-KYC verification. The telco was allegedly using the Aadhaar-eKYC SIM verification process for opening new Payments Bank accounts without the explicit consent of its customers. You can read more about it here.

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

BSNL BSNL Twitter BSNL customer data BSNL Reddit

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry. Protection Status