State Bank of India (SBI), the country’s largest lender, has fixed a glitch in its systems that may have exposed the financial information of millions of customers. A report by the U.S.-based TechCrunch news website on Wednesday had said SBI had secured an unprotected server that could have allowed anyone to access information on millions of its customers, including bank balances and recent transactions.
“SBI would like to assure all its customers that their data is safe and secure and SBI is fully committed to ensuring this,” the bank said in a statement late on Friday.
The server, hosted in a Mumbai-based datacenter, stored data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by SBI customers, the report had said.
The TechCrunch report added the server was left unprotected, giving anyone, who knew where to look for, access to two months of SBI Quick data. It claims that just Monday’s data included three million messages, which were sent to the SBI consumers.
A process to mask such account details “uses the services of telecom providers and aggregators,” SBI said.
“Investigation has revealed that there was a misconfiguration or lacuna in their process that arose on January 27 and was subsequently rectified,” it added.
SBI’s investigation also showed that its servers remained secure and that there had been no breach, the bank said.