Durex India, a branch of the British brand known for condoms and sexual health products, has inadvertently revealed private information of its consumers, including their names and particulars of their purchases.
This week, cybersecurity expert Sourajeet Majumder alerted TechCrunch to the issue that confidential user data was accessible on the condom company’s site.
Details such as customer names, contact numbers, email IDs, postal addresses, purchased items, and payment amounts were left unprotected. It’s unclear exactly how many customers were impacted, but Majumder discovered that due to insufficient authentication measures on the order confirmation page, the data of several hundred individuals was compromised.
Majumder emphasized to TechCrunch the importance of privacy for a company specializing in personal products, stating, “For a brand dealing with intimate products, ensuring privacy is crucial.”
TechCrunch confirmed Majumder’s report, noting that the customer purchase information remained publicly available at the time of their investigation. To prevent further risk, TechCrunch has chosen not to disclose specific details about the data breach.
Upon contacting Ravi Bhatnagar, a representative for Durex’s parent company Reckitt, for comments on the data exposure before this story went public, Bhatnagar neither offered any remarks nor clarified whether there were any intentions to protect the exposed data.
The researcher also shared concerns with TechCrunch that the exposed information could lead to identity theft and the potential for undue harassment stemming from the leaked contact information. Furthermore, Majumder has reached out to the Computer Emergency Response Team (CERT-In) in India, which has acknowledged receiving his alert regarding the security oversight.
Majumder warned, “Customers implicated in this breach may face social harassment or become targets of moral policing due to the nature of the leaked data.”
Compiled by Techarena.au.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
