Saturday, April 13, 2024
Outlook.com
Outlook India
Outlook Business

Indian At-Home Salon Start-up Allegedly Exposes Customer Data

The incident highlights the importance of implementing robust security measures to protect sensitive data

Indian At-Home Salon Start-up Allegedly Exposes Customer Data

Outlook Start-Up Desk

POSTED ON March 04, 2023 2:28 PM

Yes Madam, an at-home salon start-up based in Noida, India, has reportedly exposed the sensitive data of its customers and gig workers due to a server-side misconfiguration. A security researcher named Anurag Sen claimed that a database containing the personal details of hundreds of thousands of customers was allegedly left connected to the internet without a password since at least February 20. 

The database allegedly included customers' full names, mobile numbers, email addresses and physical addresses, as well as some location data such as latitude and longitude values, user device details and payment links. In addition, Yes Madam allegedly exposed profile images, names and mobile numbers of gig workers working for the platform. Sen reported the data exposure to the Indian Computer Emergency Response Team (CERT-In).

According to Sen, the database had data entries of more than 900,000 users and anyone with the database's IP address could access the data using just their web browser. Yes Madam reportedly secured the database on March 3 after being contacted by TechCrunch.

Founded in 2017 by Aditya and Mayank Arya, Yes Madam offers at-home salon services, including massage, spa, therapies, hair treatments and male grooming services. Its app has been downloaded more than a million times and the company operates in over 30 cities in India. Yes Madam raised $100,000 in funding in its pre-seed round.

This incident highlights the importance of properly securing databases that contain sensitive data. Companies must ensure that they have appropriate security measures in place to prevent unauthorised access to personal data. Failure to do so can result in significant harm to individuals and damage to a company's reputation. It is essential that companies take data security seriously and implement robust security measures to protect their customers' data.

  • Related Articles

    The laptop is powered with 4G wireless sim connectivity and runs on PrimeOS, the brand’s proprietary Android 11-based operating system

    Primebook 4G Set to Launch Exclusively on Flipkart in March

    The made-in-India device is non-invasive blood glucose monitoring health-tech gadget which helps to measure six key body vitals

    BlueSemi Launches Non-Invasive Blood Glucose Gadget EYVA

    Sports memorabilia is part of the $412 billion global collectibles industry, which is expected to reach $692.4 billion by 2032, according to a Market Decipher report

    Gaming Platform Striker Collaborates With Digital Artists To Monetize Their Cricket Art Work