Durex India has reportedly slipped into a privacy nightmare, leaving users feeling more exposed than they ever expected. The Indian arm of the British condom-maker has exposed sensitive user information collected by its official website. The sensitive user information includes identity, phone numbers, email IDs and postal addresses.
The full magnitude of this digital disaster is now unknown. How many customers are affected? How long has this vulnerability existed on the website? These are unsolved questions, which contribute to the distress of potential victims.
As per security researcher Sourajeet Majumder who has uncovered the leak suggests information of several hundreds of customers has been compromised. He also said that the leak happened due to lack of proper authentication on the order confirmation page of the condom-maker’s website.
In a post on X, Sourajeet said, “A leak as such not only puts the customer’s privacy at risk but also makes them prone to social harassment or moral policing.”
Threat actors could exploit the data exposed on Durex’s website to launch phishing attacks, perform identity theft, and even harass customers.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.