Indian firms caught napping as private details of individuals were leaked
A new website, created by an anonymous user, has exposed the lack of data security practices in major companies around the world, including some Indian firms. The website, which surfaced on the internet last week, seeks to collect all publicly available data from servers of Amazon Web Services’ storage buckets.
The website lists all publicly available data, which is sometimes harmless such as manuals for products or terms and conditions for web-based applications. However, technology experts in India have found data containing personal information, which can potentially be a big privacy scare. These “buckets” store information on lab test reports of lakhs of people from a Mysore-based health start-up, offer letters provided by food delivery aggregator Swiggy, online ticketing data by Justickets and bank account statements as well as income proofs submitted by people to a digital lender in Mumbai.
It was unearthed by Srikanth L, a software engineer, who found multiple data stores of Indian companies and promptly alerted them to fix the leak. “A Mysore based / #HealthTech company/startup with Mysore clientele exposing Lab reports, prescriptions, a scan of signatures (Yes, doctors yours too!) 1000+ documents,” he wrote on Twitter.
Srikanth said while public storage buckets on Amazon serves an important use case of disseminating publicly accessible information to users in a fast and effective manner, companies should be careful about putting up personally identifiable information/confidential documents there and restrict access if they do choose to upload on third-party servers. For instance, Swiggy has delegated its HR functions to a start-up Hirexp, which seems to have uploaded resumes, offer letters and recordings of interviews on Amazon servers. While the company said there was no leak from its end, Business Standard reviewed these documents and recordings, which were made private by Tuesday evening.(READ FULL ARTICLE)
No comments:
Post a Comment