Home Technology Hyundai Motor India fixes bug that uncovered clients’ private knowledge

Hyundai Motor India fixes bug that uncovered clients’ private knowledge

Hyundai Motor India fixes bug that uncovered clients’ private knowledge


Hyundai’s India subsidiary has fastened a bug that uncovered its clients’ private data within the South Asian market.

TechCrunch reviewed a portion of the uncovered knowledge that included the registered proprietor title, mailing tackle, e-mail tackle, and telephone variety of Hyundai Motor India clients who’ve serviced their autos at any of the corporate’s approved service stations throughout India. The bug additionally disclosed automobile particulars, together with the registration quantity, coloration, engine quantity, and mileage coated.

In a telephone dialog on Thursday, Hyundai Motor India spokesperson Siddhartha P. Saikia mentioned the corporate would offer an announcement. When shared by e-mail, the assertion mentioned:

“We perceive the significance of safeguarding the information of our clients and accordingly try to create strong techniques and processes. Additional, these techniques get periodically reviewed and up to date primarily based on wants. The Restore Order/Bill hyperlink is shared solely on the cellular quantity registered by the shopper, as soon as they’ve opted in to obtain such updates. These are system-generated hyperlinks with none human involvement. Hyundai assures continued efforts to safeguard the curiosity of the purchasers.”

Hyundai Motor India didn’t reply questions on whether or not it had the technical means, corresponding to logs, to find out any improper entry to a buyer’s information, nor would the corporate say if any unhealthy actors exploited the problem.

Safety researcher Ashutosh, who most well-liked to not be named in full, shared the main points concerning the easy bug with TechCrunch. The bug uncovered the shopper’s private data by the net hyperlinks Hyundai Motor India shared with clients over WhatsApp after receiving their autos for servicing at a licensed service station.

The online hyperlinks that redirected clients to the restore orders and invoices in PDF information contained the shopper’s telephone quantity. A malicious actor may expose the knowledge of different clients by altering the telephone quantity within the hyperlink.

TechCrunch confirmed the researcher’s findings and emailed Hyundai Motor India on December 29. The corporate responded on January 4. TechCrunch shared the main points of the bug with Hyundai Motor India on the identical day, and requested Hyundai Motor India repair the bug inside seven days attributable to its simplicity and severity. Hyundai Motor India fastened the bug on Thursday.

Upon receiving the corporate’s response, TechCrunch confirmed the bug was fastened, and the hyperlinks in concern have been now not energetic — redirected to a web page giving an error message.

Established in 1996, Hyundai Motor India is among the many prime three carmakers within the nation, alongside Maruti Suzuki and Tata Motors. Hyundai Motor India has a community of over 1,500 service stations within the nation. In Could, the carmaker introduced an funding of $2.45 billion (200 billion Indian rupees) over the following 10 years within the southern Indian state of Tamil Nadu to bolster its plans for electrical autos.


Supply hyperlink


Please enter your comment!
Please enter your name here