Bengaluru-based security researcher Ehraz Ahmed said the security flaws have exposed personal sensitive data of at least 200 million customers. “We were apprised of a security flaw in one of the APIs of Nykaa Fashion platform, which was rectified by the Nykaa Fashion team immediately. Most API security flaws mentioned are very basic, and not complicated a simple penetration testing could have fixed it. According to him fintechs and banks usually have a standalone security team for data security testing, while e-commerce firms have also started adopting data security protocols. “But a vast majority of logistics and mobility players have no dedicated data security teams.

Source: Mint November 17, 2019 04:30 UTC