Durex India Data Breach: Customers’ Order Info Leaked.
Durex India, the Indian branch of the renowned British condom and personal lubricants brand, has compromised customers’ sensitive information, including full names, order details, and payment amounts.
Security expert Sourajeet Majumder alerted TechCrunch about a critical data leak on the company’s website. The breach, caused by inadequate authentication on the order confirmation page, has exposed personal details such as names, phone numbers, email addresses, and shipping addresses. Although the exact number of affected individuals is unclear, evidence suggests that hundreds of customers’ data is at risk.
Majumder emphasized the importance of privacy for a brand handling intimate products. TechCrunch verified the leak and found that the exposed information was still accessible online at the time of reporting. To prevent aiding malicious use, TechCrunch has not disclosed all details.
Despite reaching out to Ravi Bhatnagar, spokesperson for Durex’s parent company Reckitt, TechCrunch received no comment on whether measures would be taken to address the security issue. The exposed data could potentially be used for identity theft or harassment. Majumder has also informed India’s Computer Emergency Response Team (CERT-In) about the vulnerability.
Share News with us via WhatsApp: 08163658925 or Email: naijaeyes1@gmail.com
Join Our Social Media Channels:
WhatsApp: NaijaEyes
Facebook: NaijaEyes
Twitter: NaijaEyes
Instagram: NaijaEyes
TikTok: NaijaEyes
