AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Critical security vulnerabilities expose users' personal information of Smart Chastity Cage Maker

The dangerous consequences of neglecting cybersecurity in IoT devices

A recent security discovery has revealed serious flaws in an internet-connected chastity device for males, exposing personal information. The company ignored warnings and took no action to fix the issues. The website also exposed PayPal payment logs, raising further concerns about user privacy.

This pill is also available in Italian language

A recent security discovery has uncovered serious vulnerabilities in the systems of a company that produces an internet-connected chastity device for males. These vulnerabilities have resulted in the exposure of users' sensitive personal information, including email addresses, plaintext passwords, home addresses, IP addresses, and in some cases, even GPS coordinates. This alarming find sheds light on the company's inadequate security measures and disregard for user privacy.

Researcher's efforts to address vulnerabilities ignored by the company

Upon uncovering the vulnerabilities on June 17, a responsible security researcher promptly alerted the company, urging them to take action and safeguard their users. Despite being made aware of the flaws, the company has yet to acknowledge or address the issues adequately. The researcher has expressed concern over the ease with which these vulnerabilities can be exploited, emphasizing the company's irresponsibility in failing to rectify the situation.

Company's inaction leads to public alert and defacement of website

In an attempt to raise awareness about the vulnerabilities and warn both the company and its users, the researcher defaced the company's homepage. The act was aimed at highlighting the gravity of the situation and the potential risks posed to users. Shortly after the defacement, the company swiftly removed the researcher's warning and restored their website. However, rather than addressing the flaws, the company resumed operations without any significant changes, leaving the vulnerabilities open to exploitation.

Additional security concerns with PayPal payment logs and app functionality

In addition to the vulnerabilities that granted the researcher access to customer data, it was also discovered that the company's website exposes PayPal payment logs, revealing users' email addresses and payment dates. This further amplifies concerns over the company's lax approach to data security. Moreover, the internet-controlled functionality of their app, designed to allow partners to track the device wearer's movements, raises further questions about user privacy and data protection.

Follow us on Instagram for more pills like this

09/03/2023 13:17

Editorial AI

Last pills

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat

Polyfill JS supply chain attack: what happenedA detailed analysis of the cyber attack that compromised a library essential for JavaScript compatibility in browsers