BreachExchange mailing list archives
Durex leak reveals customer details, in a week where data loss has risen to incredible levels
From: security curmudgeon <jericho () attrition org>
Date: Wed, 31 Mar 2010 18:44:03 +0000 (UTC)
http://www.scmagazineuk.com/durex-leak-reveals-customer-details-in-a-week-where-data-loss-has-risen-to-incredible-levels/article/166993/ Durex leak reveals customer details, in a week where data loss has risen to incredible levels Dan Raywood March 31, 2010 A website selling Durex condoms in India suffered a data breach that revealed customers' names and orders. Databreaches.net reported that on 5th March, a customer reportedly discovered that anyone could view his and other customers' orders on the kohinoorpassion.com website by simply inserting a different order ID number in the URL without any login required. Available information included names, addresses, phone numbers and the type of products ordered, and it claimed that from what a customer could determine, the earliest order exposed online dated back to 23rd February 2009, but there is no confirmation as to for how long the customer records might have been accessible without a login. According to the customer's website about the breach, no credit card or financial data were exposed. The customer said that he contacted TTK-LIG, the marketer of the Durex brand in India and manufacturer of Kohinoor condoms, and SSL International the owner of the Durex brand worldwide about the problem and that by the next day, the site appeared to be better secured. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Durex leak reveals customer details, in a week where data loss has risen to incredible levels security curmudgeon (Apr 01)