Data of 5.5 million users of Indian website BabyChakra leaked, personal information in danger


Indian parenting platform BabyChakra has reportedly exposed its users’ data, which includes information about parents and their children. The reason for the data being exposed is being attributed to some mistakes in one of the company’s servers, due to which it became easy to hack the data. Due to this, now more than 55 lakh files included in the database can be publicly accessed. The researchers claimed that the files also contained millions of photos and videos of BabyChakra users, and some of them contained sensitive topics, such as medical test results and prescriptions uploaded by users on the platform. Some of the exposed images have also been reported to be of children and families of affected users. Mumbai-based BabyChakra provides parents with a social network, which gives them the option to discuss their problems with experts.

VPNMentor’s research team, led by Israeli security researcher Noam Rotem, discovered the problem within the BabyChakra platform in February and reported it to the company soon after a preliminary investigation. The researcher claimed that this data exposes the personal data of millions of individuals. The researcher said the exposure data also included photos and videos of people using BabyChakra.


In addition to media content, data contained in over 35,000 invoices and 19,800 packaging slips has also been accessed from purchases made through the BabyChakra website. According to the researcher, Personally Identifiable Information (PII) of more than 55,000 users including children has also been exposed. The database is said to contain full names, phone numbers, addresses and purchase details of the affected users. The entire data exposed is 259GB in size.

The VPNMentor team says that they first reported the issue to BabyChakra on February 9, however the company did not respond to them despite repeated contact.

The researchers also said that the data was found to be secure by the company on April 26, after which they informed Gadgets 360 about the data exposure on April 27.

But Naiyaa Saggi, the founder of BabyChakra, told Gadgets 360 that she [सर्विस में] No issues were found and the misconfiguration issue was fixed after contacting VPNMentor researchers.


Source link