This morning a serious security breach was discovered that affected Telefónica. Due to it, all the company's customer data was exposed. Although finally, this same morning the company's IT team has managed to close this security breach. A failure that allowed accessing any customer's data with great ease.
As the only thing necessary was to have a Telefónica account. When entering the web, it was enough to make a slight change in the URL to be able to access the private data of other clients of the operator. It was Facua who discovered this security flaw.
After discovering it, they revealed to the company their intention to make this information public. Therefore, Telefónica has taken action more quickly and limited access to the web. Finally, a few hours later it was confirmed that the failure had already been definitively resolved.
Although it is worrying that consumer data could be accessed in such a simple way. Since it is possible that there has been someone who has created a database with the information obtained. There was data that could be downloaded in CSV format, as confirmed by some media.
Telefónica has not reacted so far to this security flaw detected. It is also not known whether or not this vulnerability has been exploited.. It seems that we will have to wait to find out if this has happened. But the risk that this has been the case is real.
It is expected that Facua will say more about it later today.. So we will surely obtain more information about this serious security flaw at Telefónica. We also hope that the operator itself for more data soon, or at least some reaction, because they have not said anything.