wordpress blog stats
Connect with us

Hi, what are you looking for?

Royal Enfield database exposed personal info, including passwords and vehicle info, of 452k users; now secured

Motorcyles company Royal Enfield exposed a database of at least 452,000 people in January 2020, which included their names, e-mail IDs, phone numbers, encrypted passwords, vehicle-related information and social media links, Bob Diachenko, cyber threat intelligence director at securitydiscovery.com revealed on Twitter. The information was of those customers who had created a profile on Royal Enfield’s official website. MediaNama has seen a redacted copy of the kind of information that Diachenko could access, courtesy the vulnerability on Royal Enfield’s website. “I discovered 3 IPs with misconfigured databases (i.e. set up without password/login) with what appears to be Royal Enfield’s data,” he told MediaNama. We have reached out to Royal Enfield for comment.

Information about ‘privileged users’ and RE dealers also exposed: In his tweet, he also said that the exposed database also included information about 1,470 “privileged users” and dealers. According to a redacted copy of the data seen by MediaNama, email, password, name, and phone numbers of “privileged users” of Royal Enfield was compromised. Similarly, information related to at least 3,657 Royal Enfield dealers, including their branch code, IDs, names, emails, passwords, sales codes and online booking information was also exposed, Diachenko told MediaNama.

The exposed details of customers, shared by Bob Diachenko with MediaNama

Information about ‘Privileged users’ shared by Bob Diachenko with MediaNama

Diachenko discovered the vulnerability on January 19, and alerted Royal Enfield the same day. He told us that the database was secured the next day. But the vulnerability could have existed for at least two weeks before he finally discovered it, he pointed out. “They [Royal Enfield] thanked me, asked for additional discussion over the phone about the incident and disappeared from my radar, never replied further on,” Diachenko recounted to MediaNama.

3,000 official government email IDs from ISRO, MEA, SEBI were compromised: This vulnerability comes after it was reported that at least 3,000 email IDs of officials belonging to government organisations such as Indian Space Research Organisation (ISRO), Bhabha Atomic Research Centre (BARC), Ministry of Corporate affairs, Ministry of External Affairs, Atomic Energy Regulatory Board (AERB) and Securities and Exchanges Board of India (SEBI), were compromised, with their passwords available in plain text across various leaked databases on the dark web.

Advertisement. Scroll to continue reading.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

News

By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...

You May Also Like

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ