Telkom website exposes personal details

The Telkom website is exposing the personal details of people, including their ID numbers, contact details, marital status, and home addresses.

The personal details are exposed when a new customer opts to sign up for a service, and is redirected to an online form.

The online form already contains the details of another person, though. Where this information is pulled from is currently unclear.

This happened multiple times when MyBroadband investigated pricing on the Telkom website, but no pattern could be identified.

Telkom was alerted to the security problem, and it is understood they have applied a patch to resolve the issue.

The screenshots below show the extent of the personal information which was exposed through the security bug.

Telkom product order page - exposed details
Telkom product order page – exposed details.
Telkom product order page - exposed details
Telkom product order page – exposed details.
Telkom product order page - exposed details
Telkom product order page – exposed details.
Telkom product order page - exposed details
Telkom product order page – exposed details.
Telkom product order page - exposed details
Telkom product order page – exposed details.
Telkom product order page - exposed details
Telkom product order page – exposed details.

More on security

Registry of South Africans Abroad database vulnerability

Hacker Batman may be out there, watching over your ADSL router

Don’t fall for these scams in South Africa

Latest news

Partner Content

Show comments

Recommended

Share this article
Telkom website exposes personal details