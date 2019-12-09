A major security breach in Airtel’s Mobile app left sensitive data of 300+ million subscribers vulnerable to hack. This bug, discovered by a Bengaluru based independent security researcher Ehraz Ahmed, allowed information to be accessed just with the help of a phone number.

Ehraz mentioned that it took him just 15 minutes to find the flaw which used Airtel’s API to reveal information like name, gender, email, date of birth, address, subscription information, device capability information, network Information, activation Date, connection type and even IMEI of the device.

Airtel has acknowledged the flaw and stated that it has been fixed as soon as the company was alerted about it. The official statement from Airtel states "There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice. Airtel's digital platforms are highly secure.

Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms." Airtel is the third-largest private telecom provider in the country after Vodafone-Idea and Jio with over 300 million subscribers. The app in question is available for both iOS and Android customers and is used to recharge, pay bills, offer detailed information about plans and services and more. The company has not shared any information about the number of users impacted by this flaw or if any financial information has been compromised.