Call data of 20 mn Vodafone Idea customers exposed, claims report; firm denies - Hindustan Times
close_game
close_game

Call data of 20 million Vodafone Idea customers exposed, claims report; firm denies

By | Edited by Aniruddha Dhar, New Delhi
Aug 28, 2022 09:17 PM IST

The report by cyber security research firm CyberX9 said that multiple vulnerabilities in the system of Vodafone Idea (Vi) exposed the call data records, comprising the time when a call was made, the call's duration, the call's location, the customer's full name and address, and SMS details comprising the contact number to which it was sent.

A report by cyber security research firm CyberX9 has said multiple vulnerabilities in the system of Vodafone Idea (Vi) exposed the call data records of 20.6 million customers subscribed to the telecom giant's postpaid services. The report said vulnerabilities exposed the call data records, comprising the time when a call was made, the call's duration, the call's location, the customer's full name and address, and SMS details comprising the contact number to which it was sent.

Vodafone Idea added it regularly carried out checks and audits to further strengthen its security framework.(AFP file photo)
Vodafone Idea added it regularly carried out checks and audits to further strengthen its security framework.(AFP file photo)

The call data records exposed also compromised the personal data of such postpaid customers, their internet usage and roaming details, the report added.

Hindustan Times - your fastest source for breaking news! Read now.

Speaking to news agency PTI, CyberX9's founder and managing director Himanshu Pathak said on Sunday the firm shared its entire findings with Vodafone Idea via email.

"Later on August 22, Vi confirmed the receipt of our report. Vodafone Idea acknowledged the vulnerabilities discovered and reported by us on August 24," Pathak said.

Vodafone Idea, meanwhile, had denied the claim of the call data of 20 million postpaid customers being exposed.

"There is no data breach as alleged in the report. The report is false and malicious. Vi has a robust IT security framework to keep our customer data safe," the telecom giant told PTI.

Vodafone Idea added it regularly carried out checks and audits to further strengthen its security framework.

“We learnt about a potential vulnerability in billing communication. This was immediately fixed and a thorough forensic analysis was conducted to ascertain no data breach,” the telecom giant further told PTI.

Vodafone Idea also said it notified the potential vulnerability to appropriate agencies and made due disclosure.

"Vi customer data remains fully safe and secure," Vi added. It also disclosed the vulnerability on its website.

PTI further reported that CyberX9 contested the above claim and said that Vodafone Idea was exposing call logs and other sensitive data of millions of customers for at least the last two years.

"It is an absurd and baseless claim of Vi that they've done a forensic audit and no breach was found. Such a detailed forensic audit would at least take a couple of months to be done," CyberX9 said.

The firm also claimed that the personal data of 55 million people, including those who have left Vodafone Idea and those who only showed interest in getting a Vi connection, was at risk.

(With PTI inputs)

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away!- Login Now! Catch all the Latest Technology Mobile, Gadgets,Tech News from India and around the world
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Thursday, February 22, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On