Durex India customer data leaked; Security flaw exposes sensitive details of hundreds online
2 months ago | 54 Views
Durex India has inadvertently revealed personal details of its customers, including their names, phone numbers, email addresses, shipping addresses, and order specifics. The breach, affecting hundreds of customers, was reported this week by security researcher Sourajeet Majumder to TechCrunch.
Authentication Flaw Identified
The issue originated from inadequate authentication measures on Durex India's order confirmation page. This vulnerability allowed unauthorised access to sensitive customer information. While the exact number of affected individuals is not confirmed, evidence indicates that numerous customers' details were exposed due to this oversight.
TechCrunch verified Majumder's findings and confirmed that the exposed data was still accessible online. The publication chose to omit certain specifics to avoid aiding potential malicious actors. When approached for comment, Ravi Bhatnagar, a spokesperson for Durex's parent company Reckitt, did not provide a response or disclose any plans to enhance data security.
Potential Risks and Alerts
Majumder warned that the leaked data could facilitate identity theft and lead to harassment. He also informed India's Computer Emergency Response Team (CERT-In), which acknowledged his alert. Majumder highlighted the broader risks associated with such data breaches, including potential social harassment and moral policing of affected individuals.
Reckitt Benckiser's Financial Decline
In related news, Reckitt Benckiser, the parent company of Durex, saw a significant drop in its share price by over 12 percent today, according to a City A.M report. The decline follows the company's failure to meet analysts' expectations for 2023. Operating profit fell to �2.5 billion from �3.2 billion the previous year. The company attributed this shortfall to an underestimation of trade spending in two Middle Eastern markets and a decrease in demand for cold and flu products.
Reckitt reported a 1.2 percent decline in quarterly like-for-like net revenue, missing the anticipated 1.6 percent growth forecasted by analysts. Kris Licht, CEO of Reckitt, acknowledged the unsatisfactory performance in the fourth quarter but expressed optimism for 2024 and beyond.
#