<Thread> @BSNLCorporate is an Indian state-owned telecommunications company. Security is not really their thing... Here the summary of the issues I found
-
-
I found this issue a few days ago, but I'm not the first one to discover this issue. This issue had been discovered by a fellow Indian,
@kmskrishna, 2 years ago. He sent mails to BSNL, even called senior officiers, but nobody answered him...pic.twitter.com/iN5mPr1EKs
Show this thread -
2) http://intranetuk.bsnl.co.in had been attacked by a ransomware. They didn’t even notice…pic.twitter.com/3AfP0OZzdG
Show this thread -
3) http://intranethr.bsnl.co.in had been attacked by a ransomware. They didn’t even notice…pic.twitter.com/vNY2ADeaPi
Show this thread -
4) A monitoring bandwidth system was accessible publicly.pic.twitter.com/LVSHJTNwZE
Show this thread -
Their websites had a lot of open directories which allowed everybody to consult their documents: - http://intranethr.bsnl.co.in/new_2016/digital_lib … - http://intranetuk.bsnl.co.in/webdocument - http://calcutta.bsnl.co.in/BB - http://rttckalyani.bsnl.co.in/highslide pic.twitter.com/xjzWkt2lt1
Show this thread -
New conversation -
-
-
I hope, the passwords weren't stored in plain text, were they?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
You will not hear from BSNL soon. Even if they respond, they will do nothing about the security flaws. In India privacy and security are the last concerns, especially for Government and PSUs.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
plenty of other issues as well. One of then starts from S and ends with P on main portal. All the best.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.