In August, a server misconfiguration was found on the Telangana government site that risked exposing over 130,000 official files. Those files included thousands of government employee payslips, income tax details, and pension documents that had information including full names, addresses, bank account numbers along with IFSC codes, phone numbers, and salaries drawn, among other data
The misconfiguration was discovered by a security researcher and it took about three months for the Telangana state government to protect sensitive details of its employees and pensioners from its website. The Indian Computer Emergency Response Team (CERT-In) confirmed the vulnerability and replied on email in September to say that the authorities had been intimated about the issue, and Telangana IT Secretary Jayesh Ranjan assured a fix.
Some of the exposed files also included photos and thumb impressions of various state government employees and pensioners. Similarly, tax and pension details of some senior citizens who were government employees were also vulnerable that could have been accessed by hackers for severe attacks targeting the gullible population.
