Indian pharmacy chain giant exposed customer data and internal systems
A security lapse by one of India’s largest pharmacy chains allowed outsiders to gain full administrative control of its platform, exposing customer order data and sensitive drug-control functions, TechCrunch has exclusively learned. The issue affected DavaIndia Pharmacy, the pharmacy arm of Zota Healthcare, which operates a large network of retail outlets across India. Security researcher Eaton Zveare told TechCrunch that he discovered the flaw after identifying insecure “super admin” application programming interfaces on DavaIndia’s website and privately shared details with Indian cybersecurity authorities. The bug is now fixed, and Zveare disclosed his findings. The exposure comes as Zota Healthcare rapidly scales DavaIndia Pharmacy’s retail business. The…
