State Bank of India – the largest bank in India has allegedly leaked the balance and account details of millions of customers online due to a server being unprotected.
State Bank is very large in terms of volumes of transactions and account holders. TechCrunch has reported that there was a major breach in one of their servers. This server in question was the one that was being used by the bank for SMS based banking. This is a method used by people who do not use smartphones and rely on SMS to communicate with the bank. You must be familiar with the concept of sending a few keywords to a specific number to get details of your current account balance or to quickly see the last few transactions on your account. The server that State Bank used for this purpose was the one that was not password protected. State Bank has since then fixed the issue.
Now that you know what went wrong, let us talk in detail about how it affects you if you are an account holder and potentially what information has been leaked. Most nationalized banks have this facility called SMS banking where people send SMS to a specific number with some keywords to get all sorts of information about their accounts. The most common use of this facility is to check the current balance of your account and keep track of the transactions that you have done recently. The server that handles this facility is the one that appears to have been compromised.
So the information in question here is the list of account numbers, their registered mobile phone numbers and potentially the last few transactions in the accounts. This information is dangerous in the hands of the wrong person.
Is there something you can do to safeguard yourself in this scenario? Well, unfortunately in this case, there is not much you can do. The possibility of someone cloning your SIM and taking control of your account details is very scary and real. You can potentially change your registered phone number with the bank and safeguard yourself, but if you are a regular user of the UPI feature to make payments or to send and get money from friends and family, you should know that changing the phone number breaks UPI big time. If you can live with that, you can proceed and change the registered number. It is also a good idea to change your phone banking and internet banking passwords right away. The bank has since then fixed the server issue.