back to article Durex India eStore spills customers' personal details

A site that sold Durex condoms in India has threatened a whistleblower with a legal nastygram in the wake of an admitted security breach involving leaked client details. Problems with the site surfaced earlier this month after a customer noticed that simply changing the order ID numbers in a URL allowed …


This topic is closed for new posts.
  1. Anonymous Coward

    am i the only one who saw this?

    "an unpleasant leak that created a potentially messy situation for everyone involved."

  2. John A Blackley

    A little editing

    "SSL and TTK-LIG takes data security extremely seriously NOW AND WILL DO SO UNTIL THE PUBLIC'S ATTENTION WANDERS ELSEWHERE and we have identified the cause OF THIS ONE PARTICULAR WHOOPSIE and taken immediate remedial action. The modifications put in place ensure ER, OR SO THAT WIERD WEB GUY TELLS US, that unauthorized access OF THIS PARTICULAR TYPE cannot happen again. We are completely confident that the website is now fully secure - BUT THEN WE DON"T KNOW JACK ABOUT THIS WEB STUFF AND, UNTIL IT BECOMES AN EMBARASSMENT AGAIN, COULD CARE LESS.


  3. Anonymous Coward

    who'd have thunk it

    I mean, dodgy code coming out of India, that sort of thing just isn't possible.

  4. Anonymous Coward
    Anonymous Coward

    Now I'm not saying India has the monopoly on bad code

    But they seem to be trying pretty damn hard.

    The number of Indian programmers with professional contracts you see asking beginner questions in coding forums, complete with samples of their spaghetti code, is quite ridiculous.

    It's not India's fault though bless 'em, it's just that companies require programmers in the UK to have X years education followed by X years experience, then when they go to outsource they don't ask for any verifiable experience whatsoever. They just sort of assume "well we're dealing with another company, just like us - not some filthy prole - so we'll never get burned" and they get burned over and over again.

  5. Mos Eisley Spaceport

    That'll show Johnny Foreigner!


  6. Eden

    Wha? he noticed a flaw, reported it only to the effected company...who thanked him..only to then have them turn around and accuse him of being a bad bad boy? I assume with some legal ramification?


    Why do companies keep doing this to themslves and bring more attention and make themselves look like an ass by trying to whack the people pointing out the flaws in their security.

    1. SirTainleyBarking


      They get twat lawyers involved. The question will have been asked "What is our legal exposure?" the Lawyers answer will be to try and hush up things by threats. The Streisand effect then comes into play.

      I work in a FMCG company. If this scenario had played out with us (Thankfully we don't do web ordering, our products aren't embarassing) there would have been a lot of panicking, swearing, fixing, and a large box of freebies on the way.

      And no-one would have been any the wiser as that would have been the end of it

      There is an old idiom that should be beaten into every lawyer and MBA student. 'You can catch more flies with honey than with vinegar'

  7. Graham Marsden

    The Streisand Effect...

    ... strikes again!

  8. Graham Bartlett

    If he's the Durex Whistleblower...

    ... what flavour was it?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019