19 C
Jaipur
Friday, October 30, 2020

ACT Fibernet Could Have Revealed User’s Email ID, Address Due to A Security Flaw

Must read

Flipkart quiz October 30, 2020: Get answers to these questions to win Flipkart super coins, discount vouchers and other gifts

Flipkart is back with another edition of its daily trivia. The quiz starts daily at 12am and runs till 12pm. The quiz offers...

amazon app quiz: Amazon app quiz October 30, 2020: Get answers to these five questions to win Rs 15,000 in Amazon Pay balance

As part of today’s app quiz, Amazon is giving a chance to win Rs 15,000 in Amazon Pay balance. Daily...

​Amazon sale: Power banks, earbuds and other accessories available at up to 88% discount

​Amazon sale: Power banks, earbuds and other accessories available at up to 88% discount Source link

Want WhatsApp features before others? Here's step-by-step guide to become a beta tester

Want WhatsApp features before others? Here's step-by-step guide to become a beta tester Source link

Just yesterday, we reported that RailYatri’s server were exposed and could have let an intruder access private info of more than 7 lakh users. Security researchers have today reported that a vulnerability in ACT Fibernet’s service could have put the user’s email IDs, home address, and more at risk.

First spotted by security researcher Karan Saini, a security flaw on ACT Fibernet’s end allowed anyone to query an active user’s home address. Saini contacted the Internet service provider on discovering the issues and steps were taken to quickly resolve the problem.

Saini stumbled upon a severe security flaw while using the ACT Fibernet mobile app, which as per his report, would allow “a malicious actor to query the full name, home and work phone number, account number, internal ID, email and home address, connectivity status, as well as other information” associated to your account.

Now, the hacker only needs to know your phone number, which will help a query that returns the customer’s full name and account number. Once the account number has been retrieved, it could be used to query a user’s address, email ID, billing status, and more.

ACT Fibernet confirmed Saini’s findings and revealed that the issue emerged during one of its latest updates. It was discovered during the rollout itself and fixed at hand to avoid the private information of its users from being leaked to malicious actors. The company did patch a security loophole but since it confirmed that there hasn’t been a data breach, it does not plan on disclosing the same to any customers.

“Customer security is our number one priority, and we get security audits done every quarter and work with ethical hackers,” stated the ACT Fibernet spokesperson in an official statement (via Gadgets 360). The company is now actively working to roll out a bug bounty program, where it will award security researchers who discover flaws and loopholes in its services or servers. It plans to kick off the bug bounty program in the next 30 to 45 days.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Flipkart quiz October 30, 2020: Get answers to these questions to win Flipkart super coins, discount vouchers and other gifts

Flipkart is back with another edition of its daily trivia. The quiz starts daily at 12am and runs till 12pm. The quiz offers...

amazon app quiz: Amazon app quiz October 30, 2020: Get answers to these five questions to win Rs 15,000 in Amazon Pay balance

As part of today’s app quiz, Amazon is giving a chance to win Rs 15,000 in Amazon Pay balance. Daily...

​Amazon sale: Power banks, earbuds and other accessories available at up to 88% discount

​Amazon sale: Power banks, earbuds and other accessories available at up to 88% discount Source link

Want WhatsApp features before others? Here's step-by-step guide to become a beta tester

Want WhatsApp features before others? Here's step-by-step guide to become a beta tester Source link

How To Use pulseaudio-dlna To Stream Audio From Ubuntu 20.10 To Chromecast Devices

pulseaudio-dlna is a streaming server which allows streaming audio from your Linux computer to a Chromecast or DLNA / UPNP device in the same...