VPNMentor’s research team, led by Israeli security researcher Noam Rotem, discovered the problem within the BabyChakra platform in February and reported it to the company soon after the initial investigation. Researcher claimed that this data exposes the personal data of millions of individuals. Researcher said that the expose figures also included photographs and videos of people using the BabyChakra.
In addition to media content, data included in more than 35,000 invoices and 19,800 packaging slips has also been accessed from purchases made through the BabyChakra website. According to the researcher, personally identifiable information (PII) of more than 55,000 users including children has also been exposed. It is being said that the database contains the full name, phone number, address and purchase information of the affected users. The entire data exposed is 259GB in size.
The VPNMentor team says that they first informed BabyChakra about the problem on 9 February, although the company did not respond to them despite several contacts.
Researchers have also stated that the data was found to be secure by the company on 26 April, after which they informed Gadgets 360 about the data exposure on 27 April.
But BabyChakra founder Naiya Saggi told Gadgets 360 that he [सर्विस में] No problems were found and the misconfiguration problem was fixed after contact with VPNMentor researchers.