India's giant Telecommunication Company, Airtel  had a data breach that exposed personal information of 300 millions users. The breach arose because of the vulnerability in the MyAirtel Application.

 A cyber security enthusiast, Ehraz Ahmed  found the vulnerability exposing various information such as IMEI number, Connection Type, Device Information and Personal Information such as First name, Last name, Contact Address, Gender, Email and some other personal information.

    Join our Telegram Channel To Get Notified Of New Articles & Updates     Join Channel

Airtel Data Breach Exposes Personal Details of 300 Million Users

Airtel Data Breach Exposes Personal Details of 300 Million Users
Airtel Data Breach Exposes Personal Details of 300 Million Users


Ehraz Ahmed approached the BBC with a proof of a video that caused the vulnerabilty to the public. The data breach that exposed personal details of millions of users could have cost the company as well as Airtel users. 


A recent CIO survey made by Forcepoint and Frost Sullivan states that Indian Companies are prone to data breaches at 69% while other listed companies have already been breached at 44%. This ranks India to be the world's second most cyber-attack country in the entire world.


Ehraz found the vulnerability in 15 minutes and had to add a script that would retrieve all the details of a certain user by simply providing the phone number.


An Airtel speaker told the BBC that, "There was a technical problem in one of our testing APIs, which was handled as soon as it was identified, Airtel's digital platforms are very secure. Customer privacy is very important to us, and we are delivering the best solution to ensure the security of our digital platforms.