Daily Tech News, Interviews, Reviews and Updates

JustDial fixes a security flaw which enabled the hackers access to data of the users

The flaw was reported by a security researcher Ehraz Ahmed

The interconnected relationship between internet and various organizations which can also be termed as e- organizations has its pros as well as cons. Data leaks and security is one of the major negative aspects here. A critical security flaw was found on Justdial, which could enable hackers to access sensitive account information of 156.1 million users on the platform. Justdial has claimed that they have fixed the flaw now.

The flaw was reported by a security researcher Ehraz Ahmed, via MoneyControl.com who disclosed the vulnerability of this security flaw. The flaw could return an access token, system ID (SID) and user ID (UID). The SID would then be used to access the account and another accounts linked to it while the UID would enable hackers to post on the user’s Justdial Profile.

“Hackers and telemarketers can mine the data of JustDial by automating a script using a phone number dump found online,” Ahmed wrote on his blog. Additionally he said, “The hackers can also access your Justdial Pay account and receive funds on your behalf by entering their bank account information in the Bank Details Settings, but they cannot transfer the funds as it requires them to have access to your bank account/UPI code.”

Accessing a Justdial account also gives access to the Justdial Pay account and its settings can be modified to redirect funds to another bank account which is a matter of worry. However, transferring existing funds to another account is not possible since an account or UPI pin is required to confirm the transaction.

Stay tuned for more updates.

Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
You might also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More