Airtel data breach exposes personal details of 300 million users

Airtel said it has fixed the security flaw associated with its app's API

airtel-reuters Representative image | Reuters

Worsening its woes, telecom major Bharti Airtel was hit with a major data breach after a security flaw in its mobile app exposed the details of more than 300 million users. Confirming the breach, Airtel said that it has fixed the security flaw associated with its app's API (application programming interface). 

The security flaw apparently provided access to information such as user's name, emails, birthday, residential address, and the IMEI number of the device on which the app was installed. The IMEI number is a unique numerical identifier for every mobile device.

"There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice," the BBC quoted an Airtel spokesperson. 

The flaw in the Airtel app was discovered by Bengaluru-based security researcher, Ehraz Ahmed. "It took me 15 minutes to find this flaw," he told the BBC.

Airtel is the third largest mobile network operator in India with over 325.5 million subscribers. The telecom sector in India sees massive competition with the entry of Reliance Jio. Vodafone Idea is the other player in the segment.