Data buckets containing sensitive information used by companies like Swiggy, Gromor Finance, and a Mysore-based health startup have been exposed and are publicly available, Business Standard reports. grayhatwarfare, a third party site, posted a dump of links to these publicly available buckets. The exposure raises significant questions of data protection hygiene companies, even as the Justice Srikrishna Committee is yet to table its report on recommended data protection norms for India. The leaked information includes diagnostic reports by doctors, job offer letters, bank statements, and much more, according to the BS report. Srikanth Lakshmanan, a programmer, discovered the existence of Indian companies' data in the buckets, the report says. About 1.8 million people's data is reported to have been exposed. Swiggy told Business Standard that it takes data security very seriously. HireXP, whose buckets exposed Swiggy data, denied to the newspaper that any of the leaked files were real, and that said that the documents were 'dummy' letters. BS noted that a lot of the documents contained detailed summaries of employee histories and pay. What are data buckets? Data buckets are a cloud-computing construct, where companies store documents and files in large servers maintained elsewhere. Amazon Web Services is a common provider that many businesses like Swiggy use to store their data in such buckets for ready retrieval. This is especially useful, for example, when Swiggy wants to show users pictures of dishes in a restaurant, but doesn't have the server infrastructure in-house to manage millions of such image requests…
