Tech Gadget Central Latest Tech News and Reviews
Hyundai’s Indian affiliate has successfully resolved a software flaw that inadvertently made its customers’ personal data vulnerable in the South Asian market.
We examined a segment of the disclosed data, which included the names, addresses, email addresses, and phone numbers of Hyundai Motor India customers who have had their cars serviced at any of the company’s approved service outlets across India. The bug further revealed car information such as the registration number, color, engine number, and mileage.
During a telephonic chat on Thursday, Siddhartha P. Saikia, the spokesman of Hyundai Motor India, confirmed that the business would issue a formal statement. The statement was sent by email.
“We understand the importance of safeguarding the data of our customers and accordingly strive to create robust systems and processes. Further, these systems get periodically reviewed and updated based on needs. The Repair Order/Invoice link is shared only on the mobile number registered by the customer, once they have opted in to receive such updates. These are system-generated links without any human involvement. Hyundai assures continued efforts to safeguard the interest of the customers.”
Hyundai Motor India declined to provide information on its ability to detect any unauthorized access to customer details, such as via technological methods like logs. The business also did not disclose if any malicious individuals took advantage of the vulnerability.
The security researcher, who chose to remain anonymous, disclosed the specifics of the simple software flaw to. Hyundai Motor India exchanged online links with clients via WhatsApp after they had their cars serviced at an approved service shop. However, a fault in the system caused the customer’s personal information to be exposed through these web links.
The hyperlinks that brought clients to the repair orders and invoices in PDF format included the customer’s telephone number. Someone with malicious intent might potentially compromise the privacy of other customers by altering the phone number inside the provided link.
I verified the researcher’s findings and sent an email to Hyundai Motor India on December 29th. The corporation sent a response on January 4th. promptly informed Hyundai Motor India about the bug’s specifics and urged them to address it within a week, emphasizing its straightforwardness and criticality. On Thursday, Hyundai Motor India resolved the software glitch.
After receiving the company’s answer, it was verified that the flaw had been resolved and the problematic links were no longer functional, as they were now being forwarded to an error message page.
Hyundai Motor India, founded in 1996, is one of the leading automobile manufacturers in the nation, along with Maruti Suzuki and Tata Motors. Hyundai Motor India has a vast network of more than 1,500 service facilities throughout the nation. In May, the auto manufacturer disclosed its intention to allocate $2.45 billion (equivalent to 200 billion Indian rupees) over the next decade in the southern Indian state of Tamil Nadu, with the aim of strengthening its initiatives for electric cars.
