Indian startup DotPe has recently faced a significant security lapse. Reports indicate that DotPe’s entire API was left public, allowing anyone to access sensitive information without any authentication.
According to tweets shared by social media users, a hacker revealed that they could view the most ordered items from every outlet of Social, a popular restaurant chain in India. The term “Zero auth” in the tweet indicated that no authorization was required to access the data.
Another tweet highlighted that this security flaw allowed individuals to not only see the most ordered items but also financial details from Social outlets across the country.
In Delhi, the most popular item from the Social outlet was ‘Banarasi Patiala with Vodka,’ a well-known cocktail blend.
This revelation raises serious concerns about DotPe’s security measures, particularly as the startup recently secured around $58 million in Series B funding to expand its services.
Based in Gurugram, DotPe raised $58 million in a Series B funding round in September 2022, led by Temasek, with contributions from existing investors PayU and InfoEdge Ventures, as well as new investors Mitsubishi and Naya Capital.
As of now, there has been no official response from DotPe regarding this incident. This situation underscores the critical need for robust security protocols, especially in the tech-driven restaurant industry, where customer and sales data is immensely valuable.
Share this:
Discover more from Latest News, Breaking News, National News, World News
Subscribe to get the latest posts sent to your email.
