A report by cyber security research firm CyberX9 has said multiple vulnerabilities in the system of Vodafone Idea (Vi) exposed the call data records of 20.6 million customers subscribed to the telecom giant's postpaid services. The report said vulnerabilities exposed the call data records, comprising the time when a call was made, the call's duration, the call's location, the customer's full name and address, and SMS details comprising the contact number to which it was sent.
They claimed that the exposed data includes records of the 20 million customers subscribed to the telecom giant's postpaid services.
"This would permanently damage millions of Vodafone Idea customers' privacy and security", said CyberX9. The company further alleged Vodafone's Idea of exposing sensitive data of customers for the last two years saying that the leaked data might have already been stolen by malicious hackers.
Vodafone Idea, meanwhile, denied the claim. A statement from a Vi spokesperson was issued later:
"There is no data breach as alleged in the report. The report is false and malicious. We learned about a potential vulnerability in billing communication. This was immediately fixed and a thorough forensic analysis was conducted to ascertain no data breach. We have notified appropriate agencies and made due disclosures."
"Vi customer data remains fully safe and secure," Vi added.