Durex India spilled customers’ private order data

Comment
Durex India, the Indian subsidiary of the British condom and personal lubricants brand, has exposed its customers’ personal information, including their full names and order details.
Security researcher Sourajeet Majumder contacted TechCrunch this week about the issue of exposing sensitive customer data on the condom maker’s website.
The brand’s website spilled customer names, phone numbers, email addresses, shipping addresses, the products ordered and the amount paid. The exact number of affected customers is not known. However, the researcher found evidence that hundreds of people had information exposed because of a lack of proper authentication on its order confirmation page.
“For a brand dealing with intimate products, ensuring privacy is crucial,” Majumder told TechCrunch.
TechCrunch verified Majumder’s findings, and found that customer order details were still accessible online at the time of writing. As such, TechCrunch is withholding certain details about the exposure as to not aid malicious actors.
When reached by TechCrunch prior to publication about the exposed customer information, Ravi Bhatnagar, a spokesperson for Durex parent company Reckitt, declined to comment or say if the company plans to secure its customers’ information.
The researcher told TechCrunch that the data could be exploited for identity theft, and contact details may result in unwanted harassment. Majumder said that he also contacted India’s Computer Emergency Response Team (CERT-In) about the security lapse, which acknowledged his email.
“Affected customers can also become victims of social harassment or moral policing because of this leak,” the researcher said.
Every weekday and Sunday, you can get the best of TechCrunch’s coverage.
Startups are the core of TechCrunch, so get our best coverage delivered weekly.
The latest Fintech news and analysis, delivered every Tuesday.
TechCrunch Mobility is your destination for transportation news and insight.
By submitting your email, you agree to our Terms and Privacy Notice.
Intel has found its first — and perhaps only — cloud customer for its Gaudi 3 AI accelerator chips: IBM Cloud.
Google said the findings were an example of how exploits developed by spyware makers can end up in the hands of “dangerous threat actors.”
Butterflies AI, the new social network where humans and AIs interact with each other, is launching a new Clones feature that turns you into an AI character. This latest addition…
Uber is making a strategic investment into Wayve as an extension of the U.K.-born startup’s previously announced $1.05 billion Series C round. The partnership will also see the two companies…
After spending four days in police custody, the founder and CEO of messaging app Telegram, Pavel Durov, was put under formal investigation in France on Thursday for a wide range…
Reliance Industries, India’s largest company by market capitalization, is not sitting out the AI frenzy that has gripped the tech world.
Durex India has exposed customers’ personal information, including full names, email and postal addresses, and order details.
Apple has added yet more AI features in its latest developer betas for iOS 18.1, and this time we’re getting the ability to remove objects from photos.
New Enterprise Associates (NEA) is getting back into the secondaries game.  The Silicon Valley-based VC raised more than $468 million for NEA Secondary Opportunity Fund, according to an SEC filing.…
One-click checkout tech company Bolt is still waiting to find out if shareholders will sign off on a proposed funding round with stipulations that founder Ryan Breslow would return as CEO. In…
Whatever size the tranche ends up being it’ll be OpenAI’s biggest outside infusion of capital since January 2023.
Reddit’s mobile and web applications went down on Wednesday afternoon, with more than 150,000 users reporting outages on Downdetector as of 1:30 p.m. in San Francisco. When trying to access…
For months, a tech forum ran wild asking if the Converge 2 accelerator program actually happened. We finally found out.
Bluesky on Wednesday introduced the ability to hide replies, as well as a way to detach your original post from someone’s quote post.
Featured Article
Fluid Truck, a startup that was founded to disrupt the commercial vehicle rental industry, has ousted its sibling co-founders — CEO James Eberhard and chief legal counsel Jenifer Snyder — according to sources familiar with the matter. The shakeup, which employees have described as a hostile takeover, was led by…
Meta announced Wednesday that users on Threads will be able to see fediverse replies on other posts besides their own.
Just weeks ago, during an interview with TechCrunch, Thomas Ingenlath laid out his plan to turn Polestar into a self-sustaining company. Now, he’s out.  Polestar said Tuesday Ingenlath has resigned as…
Midjourney, the AI image-generating platform that’s reportedly raking in more than $200 million in revenue without any VC investment, is getting into hardware. The company made the announcement in a…
Hiya, folks, welcome to TechCrunch’s regular AI newsletter. If you want this in your inbox every Wednesday, sign up here. Say what you will about generative AI. But it’s commoditizing…
OpenSea, which calls itself the “world’s largest” nonfungible token (NFT) marketplace, received a Wells notice from the SEC, the company said in a blog post Wednesday, indicating the regulator may…
Kissner previously served as Twitter’s chief information security officer, and held senior security and privacy positions at Apple, Google, and Lacework.
Featured Article
A complete list of all the known layoffs in tech, from Big Tech to startups, broken down by month throughout 2024.
It’s been more than a year since Tesla agreed to open its Supercharger network to electric vehicles from other automakers, like General Motors and Ford. But Tesla’s network of nearly…
Tumblr is making the move to WordPress. After its 2019 acquisition by WordPress.com parent company Automattic in a $3 million fire sale, the new owner has focused on improving Tumblr’s…
Back in February, Google paused its AI-powered chatbot Gemini’s ability to generate images of people after users complained of historical inaccuracies. Told to depict “a Roman legion,” for example, Gemini would show an anachronistic…
Exclusive: Millennium Space Systems will soon have a new CEO as Jason Kim has departed the company, TechCrunch has learned. 
As of the company’s most recent financial quarter, Apple’s Services bsuiness represented about one-quarter of the tech giant’s revenue.
After a long week of coding, you might assume San Francisco’s builders would retreat into the Bay Area’s mountains, beaches or vibrant clubbing scene. But in reality, when the week…
You’ve got the product — now how do you find customers? And once you find those customers, how do you keep them coming back for more? At TechCrunch Disrupt 2024,…
Snapchat announced on Wednesday that it’s releasing new resources for educators to help them create safe environments in their schools by better understanding how their students use the app. The…
Powered by WordPress VIP

source
Sponsor:News technical sponsor
Sponsor:News AI sponsor
Sponsor: AI sponsor
Sponsor: AI sponsor

Leave a Comment

Vélemény, hozzászólás?

Az e-mail címet nem tesszük közzé. A kötelező mezőket * karakterrel jelöltük