According to an independent security researcher, a vulnerability in Jio's JioWallet app said to have exposed personal data of the users. The Aadhaar numbers were exposed along with details like date of birth, when did they verify SIM card and their JioMoney account MPIN. C.S. Akshay who is an independent security researcher started digging the JioMoney code when the service’s customer support was unable to resolve a grievance. In a Tweet, Akshay said: “Absolutely irritated, I messed with Jio Money with [which] the issue resided and boom, a vulnerability was discovered.” However, he deleted the Tweet on the subject after getting a call from Jio. Though Jio never publicly announced how many users are enrolled on JioMoney, the company encourages all its subscribers to download the entire Jio suite of apps, which includes JioMoney. Jio on the other runs its own payments bank, it has also partnered with many companies including insurance. It also has partnerships with Uber, Sodexo, Snapdeal and Dominos Pizza. It’s unclear if this incident has reached to RBI yet. Interestingly, this isn't the first time Jio has had a vulnerability in its app ecosystem. Back in 2017, Imran Chhimpa figured out a way to auto-fetch Jio users’ details from their phone numbers with a ...
Read Here»
Post a Comment Blogger Facebook
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. As the comments are written and submitted by visitors of The Sheen Blog, they in no way represent the opinion of The Sheen Blog. Let's work together to keep the conversation civil.