Contact Contact Us

Bank Leaves Database Unsecured without Password

India's largest bank, State Bank of India (SBI), has leaked the financial records belonging to millions of customers after failing to secure a Mongo database with a password. The server, which hosted a text message system known as SBI Quick, exposes customers' text messages sent to the system, phone number, bank balance, partial bank account number, and recent transactions. The leaked information can be used in social engineering attacks, which may result in fraudulent activities and identity theft. SBI has denied the allegations, claiming that the data of its customers are safe, and investigation is ongoing to ascertain the full extent of the incident.

References:
[1] India’s Largest Bank SBI Leaked Account Data on Millions of Customers

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883