The need for data security has been a matter of utmost importance in the last few years, especially with the rising value of data in an internet based world. Thus, when companies are anything less than extremely cautious when it comes to the privacy of their users, it becomes a matter of grave concern. However, these cases are still much more common than one would think, and today, another staggering display of carelessness has presented itself in form of BabyChakra.
According to a report by vpnMentor, BabyChakra, the leading parenting/e-commerce portal in India, was recently hit by a data breach that made it extremely easy for hackers to get their hands on user data.
As per the report, a large database of more than 5 million files from BabyChakra’s thousands of customers was stored in plain sight directly in the open. This left the company completely vulnerable to easy data hacks. vpnMentor has called out the platform for seriously jeopardizing the safety and data of its customers, through a very serious security lapse on its part.
The breached data comprised 249GB worth of files, containing thousands of photos and financial documents pertaining to different customers.
The breach was identified back in February this year, but the platform took concrete action to rectify it only in April. However, the files (around 5.5 million of them) had been left out for open access ever since 2015.
Most of the information contained in the database included slews of photographs, including those of babies, other family members, medical prescriptions, and medical reports.
Some 35,120 invoices and receipts were also found included in the database, along with thousands of packaging slips as well. Records pertaining to customers, along with Personally Identifiable Information (PII) files also became a part of this attack.
The report has implied that the breach might have had serious impacts on the security of the customers as well as the platform itself.