Friday, December 20, 2024
     
Advertisement
  1. You Are At:
  2. News
  3. Technology
  4. Rapido fixes a bug that exposed the personal data of thousands of users and drivers

Rapido fixes a bug that exposed the personal data of thousands of users and drivers

Rapido has announced that it has resolved a bug in its feedback form that had exposed sensitive data, including the names and phone numbers of thousands of users and drivers who were registered on the platform.

Written By: Saumya Nigam @snigam04 New Delhi Published : Dec 20, 2024 18:12 IST, Updated : Dec 20, 2024 18:20 IST
Rapido
Image Source : RAPIDO Rapido

A significant bug in Rapido, an Indian bike-taxi aggregator app has exposed sensitive personal data of thousands of users and drivers across the country. The leaked information included full names, phone numbers, and email addresses, which has raised serious privacy and security concerns. 

The Rapido data breach highlights the critical importance of robust data security practices for companies handling user information. While the company has addressed the issue, the incident highlights the growing risks of data leaks in India’s rapidly expanding digital economy.

Bug found in feedback form API

 

The vulnerability was discovered by Indian security researcher Renganathan P, who identified a flaw in the feedback form on Rapido’s website. This form, which was used for collecting feedback from auto-rickshaw users and drivers, relied on an API that inadvertently shared sensitive details with an external third-party service.

Security risks of exposed data

The exposed data posed a significant risk, which was potentially enabling the cybercriminals to launch large-scale social engineering attacks or sell the information on the dark web.

The researcher further warned that this could lead to phishing scams or other malicious activities targeting users and drivers.

1,800 Feedback forms affected

Over 1,800 feedback forms, which contained sensitive information like phone numbers and email addresses, were accessible due to the bug. This included the contact details of drivers, compounding the security threat.

Rapido’s response

Rapido acted swiftly by setting the exposed portal to private upon learning about the breach. A company spokesperson downplayed the severity, claiming that the exposed data was "non-personal" and attributing the issue to survey links reaching unintended users.

Broader implications for data privacy

This incident follows closely on the heels of another data breach involving McDonald’s India (West and South), where a bug in its delivery system exposed customer and delivery partner data, including names, phone numbers, and email addresses. That bug, discovered in July, was fixed in late September.

ALSO READ: Preeti Lobana appointed Head of Google India: Know who she is

ALSO READ: Jio’s affordable 90-day plan under Rs 900, attracting BSNL users: All details here

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Technology

Follow IndiaTV on WhatsApp
Advertisement

Top News

Advertisement
Advertisement

Latest News

Advertisement