Indian edtech startup WhiteHat Jr, which has found itself in a potboiler of controversies recently, had a bug in its system, which made its data of over 2.8 lakh students vulnerable.
On November 25, the Quint quoted a security researcher who reported the bug to WhiteHat Jr, who said, “According to what I found out the personal data of over 2.80 lakh students including names of their parents were lying exposed due to a vulnerability on the company's server side.”
The researcher had pointed out the vulnerability on November 19, and WhiteHat Jr said that all vulnerabilities were fixed within 24 hours. "WhiteHatJr takes security and privacy issues very seriously. We are committed to both our customers and to our compliance with applicable laws. Based on information received from responsible disclosures, we reviewed our setup and worked to patch specific identified vulnerabilities within 24 hours,” said the company.
Advertisement
According to the security researcher, WhiteHat Jr’s backend server was left open which allowed access to student names, age, gender, images, user IDs, parents name, and progress reports. The report also said that the access to the company's AWS servers was restricted as on November 20.
Meanwhile, WhiteHat Jr went on to stress o ..
Support the originator by clicking the read the rest link below.
