Data Exposed: Uncovering Vulnerabilities in HR Tech Start-up Darwinbox
Cybersecurity firm CyberX9 identified vulnerabilities in HR tech start-up Darwinbox, which could expose employee data. Darwinbox refuted claims, attributing issues to credential theft on clients' end. The company acknowledged security improvements following CyberX9's findings, asserting that its systems remain secure.
- Country:
- India
A cybersecurity research firm, CyberX9, has uncovered potential vulnerabilities within HR tech start-up Darwinbox. These vulnerabilities, if exploited, could lead to the exposure of employee data of Darwinbox and its clients.
Despite the alarming findings, Darwinbox has strongly refuted these claims, asserting that any data breach did not originate from their platform. The firm attributed the security issues to credential theft incidents on the client side and potential leaks on the dark web. They further stressed that their systems remain secure from unauthorized access or compromise.
CyberX9 has highlighted in its report that sensitive Personal Identification Information (PII) of employees and job applicants on the Darwinbox platform could be at risk. In response, Darwinbox has acknowledged the research firm's efforts and confirmed implementing fixes, even as it maintains that the vulnerabilities were primarily external and unrelated to their platform's core security.
(With inputs from agencies.)
ALSO READ
Financial Stability Council Charts Cybersecurity and KYC Reform in 29th Meeting
InCorp Advisory Launches Pioneering Cybersecurity Compliance Tool
Google Unveils Safety Charter for Cybersecurity in India
J&K Hosts High-Level Cybersecurity Workshop to Boost Digital Resilience
Rising Cybersecurity Concerns in the Taiwan Strait: A Prelude to Conflict?
Google News