Whether it was the Facebook-Cambridge Analytica scandal, or Quora row or even Google Plus security problem, 2018 was the year of data breaches. Data worth millions of dollars was stolen and was susceptible to being used illegally during this time.
In an earlier article we discussed some of the big shots across the globe that fell a victim of the breach, but here, we are listing some major data breaches faced by consumer internet companies:
The money lending digital platform based out of Gurugram detected vulnerabilities in its data stack. A subsidiary of Digital Finance International, the microblogging site serves millions of customers. It was found that the database stored in the Amazon Cloud are susceptible to the data leak, and was pointed out by a user on Twitter. He had said that the startup was leaking customer details because of a vulnerability on its cloud storage infrastructures. The company, however, stated that the vulnerability was recognised and fixed within a few hours, hence preventing any compromises in the customer data.
Information Leaked: Scanned copies of customer’s Aadhaar cards and PAN cards submitted during KYC.
In Nov 2018, e-commerce giant Amazon India faced data breach, not once but on two occasions. During the festive shopping at the US, the company contacted the customers about a technical error that disclosed customer names and email IDs on its website. The exact numbers were not clarified and Amazon India did not give any confirmation if Indian customers were also impacted. The following month, Amazon suffered another technical error that resulted in the exposure of its user data. This time the malware was detected in Amazon India platform. The incident exposed some of the seller’s private financial information. Amazon India confirmed the issue about the breach and resolved it as soon as it came into notice. The company said that some sellers experienced a technical issue when they attempted to download merchant tax reports for the month of December 2018. “Our teams identified the issue and resolved it on priority and sellers were soon able to download the correct reports”, Amazon India reportedly said.
Information Leaked: Tax reports of approximately 400,000 Amazon sellers were disclosed to other sellers.
In a recent development, Federation of Hotel and Restaurant Associations of India (FHRAI) issued a notice to the Online Travel Aggregators and warned of action against Oyo adducing a large number of data breaching and staking the safety of consumers and also violating the laws. Earlier in 2018 Oyo Rooms was accused of stealing data by Zo Rooms suggesting that the prior had acquired data of employees, assets, and hotel properties under the pretext of accelerating the process of acquisition and is now refusing to pay the dues for the business acquired. There were concerns that though these pertain to breach of contracts between parties, the sheer number of such grievances from hotels is a matter of concern.
In another report, OYO’s India and South Asia CEO Aditya Ghosh made an announcement that the managers and receptionists are equipped with an app that captures guest details and photos and directly shares them with the authorities without the consent of its customers. At present, the new surveillance proposal has reportedly been accepted by the governments of Rajasthan, Haryana, and Telangana.
Information Leaked: The customer’s IDs that booked Oyo rooms (numbers not clarified).