(Reuters) - State Bank of India (SBI), the country’s largest lender, has fixed a glitch in its systems that may have exposed the financial information of millions of customers.
“SBI would like to assure all its customers that their data is safe and secure and SBI is fully committed to ensuring this,” the bank said in a statement late on Friday.
A report by the U.S.-based TechCrunch news website on Wednesday had said SBI had secured an unprotected server that could have allowed anyone to access information on millions of its customers, including bank balances and recent transactions.
The server, hosted in a Mumbai-based datacenter, stored data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by SBI customers, the report had said.
A process to mask such account details “uses the services of telecom providers and aggregators,” SBI said.
“Investigation has revealed that there was a misconfiguration or lacuna in their process that arose on January 27 and was subsequently rectified,” it added.
SBI’s investigation also showed that its servers remained secure and that there had been no breach, the bank said.
Reporting by Chris Thomas in Bengaluru; Editing by Sai Sachin Ravikumar