South African telecommunication provider, MTN, has shut down its e-billing portal due to security concerns, according to a report on Techcentral.
The decision followed a security breach, which meant anyone could easily access customers information including billing details.
An anonymous commenter on TechCentral had detected the error and explained that the breaches involved an unencrypted e-billing platform and absence of any authentication to access information from the database.
According to Techcentral, “Just a simple hash string was appended to the e-billing website address — meaning anyone could guess the string and potentially bring up user information at random,” leaving customers at the mercy of good guessers.
In a move to stem the vulnerability, MTN plans to lengthen the hash string, making it more difficult to make random guesses to access a customer’s information.
The company has temporarily taken the system offline until a secure solution has been developed, the report said.
Photo Credit: Yuri Yu. Samoilov via Compfight cc
