Multiple vulnerabilities in the system of telecom operator Vodafone Idea has exposed the call data records of around 20 million postpaid customers, cyber security research firm CyberX9 said in a report. Vodafone Idea (Vi), however, said there was no data breach and potential vulnerability in its billing communication was immediately fixed after it learned about it.

According to the CyberX9 report, the vulnerability exposed postpaid customers’ call data records, comprising the time when a call was made, duration of call, location from which the call was made, customer’s full name and address, SMS details comprising contact number to which it was sent, among others.

When contacted, Vodafone Idea said, “There is no data breach as alleged in the report. The report is false and malicious. Vi has a robust IT security framework to keep our customer data safe.”

Akasa breach

Akasa Air, which started operations less than a month ago, has suffered data breach resulting in certain customer information being accessed by unauthorised individuals.

The airline on Sunday apologised for the data breach and said the incident has been “self-reported” to the nodal agency, the Indian Computer Emergency Response Team (CERT-In). In a communication posted on its website, the airline said a temporary technical configuration error related to its login and sign-up service was reported on August 25.