Rapido Addresses Security Vulnerability That Exposed User and Driver Data

Rapido, the popular ride-hailing platform, has reportedly resolved a security flaw that exposed sensitive user and driver information. According to a report, the flaw was tied to a feedback form, which unintentionally revealed personal data such as full names, email addresses, and phone numbers of individuals submitting feedback. This issue, discovered by a security researcher, raised significant concerns about the potential misuse of this information in scams or other malicious activities. Rapido has since acknowledged the problem and taken swift action to secure the portal, safeguarding the data of its users and drivers.

Security Researcher Uncovers Vulnerability

The flaw was uncovered by security researcher Renganathan P, who identified a vulnerable feedback website used by Rapido to collect responses from both users and drivers. According to TechCrunch, the problem stemmed from an application programming interface (API) that transmitted the collected feedback to a third-party service. This misconfigured API inadvertently exposed personal data, making it accessible to anyone who could identify the issue.

User and Driver Data at Risk

The exposed portal reportedly revealed crucial personal details, including the names, email addresses, and phone numbers provided by individuals using the feedback form. Such information could be exploited for phishing attacks, scams, or other fraudulent activities, amplifying the need for immediate remediation of the issue.

Rapido’s Response to the Breach

In response to the discovery, Rapido acted promptly to set the affected portal to private, effectively mitigating the vulnerability. The company has assured users and drivers that the issue has been resolved and steps have been taken to prevent similar incidents in the future. This case highlights the importance of rigorous security measures in safeguarding user data and maintaining trust in digital platforms.