Data leak of 5.5 million users of Indian website BabyChakra, personal information in danger

BabyChakra, the Indian parenting platform, has reportedly exposed its users’ data, including information on parents and their children. Due to the data exposure, some mistakes are being told in one of the company’s servers, due to which it became easy to hack the data. As a result, more than 5.5 million files now included in the database can be accessed publicly. The researcher has claimed that the files also contained millions of photos and videos of BabyChakra users and some of them contained sensitive topics, such as medical test results and prescriptions uploaded by users on the platform. Some of the exposed images have also been reported to be associated with the children and families of the affected users. The Mumbai-based Babychakra provides parents with a social network, which gives them the option to discuss their problems with experts.

VPNMentor’s research team, led by Israeli security researcher Noam Rotem, discovered the problem within the BabyChakra platform in February and reported it to the company soon after the initial investigation. Researcher claimed that this data exposes the personal data of millions of individuals. Researcher said that the expose figures also included photographs and videos of people using the BabyChakra.

In addition to media content, data included in more than 35,000 invoices and 19,800 packaging slips has also been accessed from purchases made through the BabyChakra website. According to the researcher, personally identifiable information (PII) of more than 55,000 users including children has also been exposed. It is being said that the database contains the full name, phone number, address and purchase information of the affected users. The entire data exposed is 259GB in size.

The VPNMentor team says that they first informed BabyChakra about the problem on 9 February, although the company did not respond to them despite several contacts.

Researchers have also stated that the data was found to be secure by the company on 26 April, after which they informed Gadgets 360 about the data exposure on 27 April.

But BabyChakra founder Naiya Saggi told Gadgets 360 that he [सर्विस में] No problems were found and the misconfiguration problem was fixed after contact with VPNMentor researchers.


Leave A Reply

Please enter your comment!
Please enter your name here