Home / News / India /  Vi's 20M postpaid customers call data exposed? Telco denies claims

Around 20 million postpaid customers of telecom operator Vodafone Idea has been exposed to call data breach, reported cyber security research firm CyberX9.

Despite CyberX9's claim, the telecom operator said that there was no data breach and potential vulnerability in its billing communication was immediately fixed after it learned about it.

The CyberX9's claimed in its report that the vulnerability exposed postpaid customers' call data records include call timing, call duration, caller's location, customer's full name and address, SMS details comprising contact number to which it was sent, etc.

"The firm had shared entire findings with Vodafone Idea through email and a company official had acknowledged the vulnerability on 24 August," CyberX9 founder and Managing Director Himanshu Pathak said, adding, it reported details to Vi on 22 August.

ALSO READ: Vodafone to sell Hungarian business for $1.8 billion

"Later on August 22, 2022, Vi confirmed the receipt of our report. Vodafone Idea acknowledged the vulnerabilities discovered and reported by us on August 24, 2022," Pathak said.

Meanwhile, Vi declined of any data breach. "There is no data breach as alleged in the report. The report is false and malicious. Vi has a robust IT security framework to keep our customer data safe," Vi said.

"We regularly conduct checks and audits to further strengthen our security framework. We learnt about a potential vulnerability in billing communication. This was immediately fixed and a thorough forensic analysis was conducted to ascertain no data breach," it said.

Contesting the claim of Vi, CyberX9 said, "Vi was exposing millions of customers call logs and other sensitive data for at least last about two years. In that massive time period, multiple criminal hackers might have stolen this data."

"It is absurd and baseless claim of Vi that they've done a forensic audit and no breach was found. Such a detailed forensic audit would at least take couple of months to be done," it added.

Due to this vulnerability, the data of around 301 million people was exposed, the CyberX9 report claimed, adding call data records of 20.6 million Vi postpaid customers was exposed.

CyberX9 even claimed that personal data of 55 million people, including those who have left Vi and those who only showed interest in getting a Vi connection, was at risk.

With PTI inputs.


Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less

Recommended For You

Trending Stocks

Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout