Ride-hailing unicorn Rapido has addressed a security vulnerability that exposed sensitive personal information of its users and auto drivers through an unsecured feedback form portal, the company said on Wednesday.
The security breach, which stemmed from an API integration between Rapido’s feedback collection system and a third-party service provider, had allowed unauthorised access to users’ and drivers’ full names, email addresses, and phone numbers.
“As a standard operating procedure, we are in the process of soliciting valuable feedback from our stakeholder community on our services. While this is being managed by external parties, we learnt that the survey links erroneously reached some unintended users from the public. We fixed the issue immediately and it is now resolved. As a fast-growing company in a highly dynamic market, we stay committed to full compliance of our data protection policy,” Rapido said in a statement in response to questions seeking clarity.
