Critical security vulnerabilities expose users' personal information of Smart Chastity Cage Maker
The dangerous consequences of neglecting cybersecurity in IoT devices
A recent security discovery has revealed serious flaws in an internet-connected chastity device for males, exposing personal information. The company ignored warnings and took no action to fix the issues. The website also exposed PayPal payment logs, raising further concerns about user privacy.
A recent security discovery has uncovered serious vulnerabilities in the systems of a company that produces an internet-connected chastity device for males. These vulnerabilities have resulted in the exposure of users' sensitive personal information, including email addresses, plaintext passwords, home addresses, IP addresses, and in some cases, even GPS coordinates. This alarming find sheds light on the company's inadequate security measures and disregard for user privacy.
Researcher's efforts to address vulnerabilities ignored by the company
Upon uncovering the vulnerabilities on June 17, a responsible security researcher promptly alerted the company, urging them to take action and safeguard their users. Despite being made aware of the flaws, the company has yet to acknowledge or address the issues adequately. The researcher has expressed concern over the ease with which these vulnerabilities can be exploited, emphasizing the company's irresponsibility in failing to rectify the situation.
Company's inaction leads to public alert and defacement of website
In an attempt to raise awareness about the vulnerabilities and warn both the company and its users, the researcher defaced the company's homepage. The act was aimed at highlighting the gravity of the situation and the potential risks posed to users. Shortly after the defacement, the company swiftly removed the researcher's warning and restored their website. However, rather than addressing the flaws, the company resumed operations without any significant changes, leaving the vulnerabilities open to exploitation.
Additional security concerns with PayPal payment logs and app functionality
In addition to the vulnerabilities that granted the researcher access to customer data, it was also discovered that the company's website exposes PayPal payment logs, revealing users' email addresses and payment dates. This further amplifies concerns over the company's lax approach to data security. Moreover, the internet-controlled functionality of their app, designed to allow partners to track the device wearer's movements, raises further questions about user privacy and data protection.
Follow us on Instagram for more pills like this09/03/2023 13:17
Editorial AI