Telkom website exposes personal details
The Telkom website is exposing the personal details of people, including their ID numbers, contact details, marital status, and home addresses.
The personal details are exposed when a new customer opts to sign up for a service, and is redirected to an online form.
The online form already contains the details of another person, though. Where this information is pulled from is currently unclear.
This happened multiple times when MyBroadband investigated pricing on the Telkom website, but no pattern could be identified.
Telkom was alerted to the security problem, and it is understood they have applied a patch to resolve the issue.
The screenshots below show the extent of the personal information which was exposed through the security bug.
Telkom product order page – exposed details.
Telkom product order page – exposed details.
Telkom product order page – exposed details.
Telkom product order page – exposed details.
Telkom product order page – exposed details.
Telkom product order page – exposed details.
More on security
Registry of South Africans Abroad database vulnerability
Hacker Batman may be out there, watching over your ADSL router
Don’t fall for these scams in South Africa
Loading ...