Topics
modish
AI
Amazon
Image Credits:Ashish Vaishnav/SOPA Images/LightRocket / Getty Images
Apps
Biotech & Health
clime
Image Credits:Ashish Vaishnav/SOPA Images/LightRocket / Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
societal
Space
Startups
TikTok
Transportation
Venture
More from TechCrunch
upshot
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
get hold of Us
Hyundai ’s India subsidiary has fixed a bug that exposed its customers ’ personal info in the South Asian grocery .
TechCrunch review a portion of the exposed information that included the register owner name , post computer address , electronic mail address and phone number of Hyundai Motor India client who have serviced their vehicles at any of the ship’s company ’s authorized Robert William Service stations across India . The bug also disclosed vehicle detail , including the readjustment number , colour , locomotive number and mileage covered .
In a phone conversation on Thursday , Hyundai Motor India interpreter Siddhartha P. Saikia said the caller would provide a statement . When shared by e-mail , the statement said :
We understand the grandness of safeguard the data of our customers and accordingly endeavor to create racy systems and process . Further , these systems get sporadically brush up and update based on need . The Repair Order / Invoice connexion is portion out only on the mobile identification number record by the customer , once they have opted in to pick up such update . These are system - bring forth links without any human involvement . Hyundai assures continued efforts to safeguard the interest of the client .
Hyundai Motor India did not do questions about whether it had the technological means , such as log , to find out any improper approach to a customer ’s records , nor would the party say if any bad histrion exploit the result .
Security researcher Ashutosh , who prefer not to be make in full , shared the details about the simple bug with TechCrunch . The hemipteran exposed customer ’ personal information through the web links Hyundai Motor India shared with customer over WhatsApp after receiving their vehicle for servicing at an authorized service station .
The web link that airt customers to the repair orders and invoice in PDF files comprise the client ’s telephone set number . A malicious role player could expose the information of other customers by shift the phone number in the connexion .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
TechCrunch confirmed the researcher ’s finding and emailed Hyundai Motor India on December 29 . The company respond on January 4 . TechCrunch shared the details of the bug with Hyundai Motor India on the same day , and request Hyundai Motor India fix the bug within seven days due to its simplicity and rigorousness . Hyundai Motor India doctor the bug on Thursday .
Upon receiving the company ’s response , TechCrunch confirm the bug was fixed , and the contact in concern were no longer active and were airt to a page give an warning notice .
Established in 1996 , Hyundai Motor India is among the top three auto manufacturer in the nation , alongside Maruti Suzuki and Tata Motors . Hyundai Motor India has a internet of more than 1,500 service stations in the country . In May , the carmaker declare aninvestment of $ 2.45 billion ( 200 billion Indian rupees)over the next 10 years in the southern Indian state of Tamil Nadu to pad its plans for galvanising vehicles .
