State Bank of India fixes an unprotected server

01.02.2019

Back to news

Millions of customers got their details compromised by the State Bank of India. The breached server was allegedly unprotected with a password. Confidential data, including account numbers and transaction information, could be freely accessed due to the low security server located in Mumbai.

Although the problem has been fixed, it is yet to know whether the details were obtained and misused by a third party. "Banks in India conduct audits in areas where the RBI has made it compulsory. The other areas are usually ignored," says Prashant Pandey, security researcher.

Regular check and proper configuration is an issue which needs to be thoroughly reconsidered by local companies. External auditing services are not sufficient, an in-house solution is required to provide your corporate network with ongoing monitoring, assessment of a company’s policy relevance and to improve a report system.

Rakshit Tandon, cybercrime expert, is convinced that the breached data can be affected by social engineers, and clients might receive suspicious texts and emails so the awareness should be raised regarding possible fraudulent attacks.