By 
I was scrolling through Twitter when something caught my attention. A Safaricom customer had written a short thread of a rather shocking experience with her Safaricom app. The issue she was reporting was one that put Safaricom on the receiving end of criticism for lack of proper data protection mechanisms.
“Something very scary is happening with the [Safaricom] App. I went to the Bill Manager only to find a phone number that isn’t mine & bills belonging to someone else. My KPLC Meter is postpaid I do not own a CBA Account I am on Saf Prepaid Why am I seeing someone else’s data?” Read her tweet.
Start off your week with tech news recap and trending conversations in your inbox
According to the customer, Elayne Okaya thread, MySafaricom App was displaying information and data that did not belong to her. She goes ahead to express her concern about the possibility of someone else having access to her data as she currently had access to someone else’s data:
I’ve never paid these bills & I do not know who the number shown belongs to yet it is all there, on my phone. @SafaricomPLC how did this happen?Does this mean that someone else can see my personal data on their phone -bank accounts, utility bill accounts, frequently paid bills?
— Nike of Samothrace (@ElayneOkaya) April 15, 2019
The thread continues to show the magnitude of the glitch, which also exposed the unknown person’s M-PESA transactions, phone number, bank accounts and more:
I can literally see all the frequent mpesa transactions this person makes with his/her number right on my phone.
This is such a violation @Safaricom_Care, such a violation.
Our private data is not safe with you.
Fix this now.— Nike of Samothrace (@ElayneOkaya) April 15, 2019
Not An Isolated Case
Interestingly, there were other complains of similar manner under her thread. With a number of MySafaricom App users reporting that they have been seeing utility bill payments that they are not associated with, while some reported that they could bank details of accounts they do not own.
To worsen the situation, the users reported that the telco’s customer care reps had dismissed similar issues reported earlier claiming that the users had probably made the bill payments at one point:
I made a complaint that someone else's prepaid account appeared on my frequently used paybill details and I was told it was my fault as I must have paid that bill before. I was pissed.
— Emmanuel M'Mwirichia (@emmwirichia) April 16, 2019
From the look of things, it seems like a bug that has affected the App’s database, at least according to an expert in the field. We reached out to Safaricom for an explanation of what happened but by the time of press, the telco had not responded.
Comments