SBI Leaks Account Data on Millions of Customers

There is an ISO/IEC 29147 policy now available and companies serious about their security need to adopt this

India’s largest bank, SBI, has leaked account data on millions of customers.

Ankush Johar, director at Infosec Ventures and investor in BugsBounty.com, said: “This massive story showcases the need for adoption of a ‘Responsible Vulnerability Disclosure’ policy that doesn’t penalise the security researcher community. There is an ISO/IEC 29147 policy now available and companies serious about their security need to adopt this, to safeguard their cyber posture. It is a shame that security researchers are threatened with legal action even when they approach organisations via the responsible disclosure route.

"We’ve been supporting this cause relentlessly and will soon be announcing the formal launch of a not-for-profit platform to help both organisations and security researchers alike.” 


Tags assigned to this article:
sbi Account Data

Advertisement

Around The World