Navigation
Search
|
Security Bug In India's Income Tax Portal Exposed Taxpayers' Sensitive Data
Wednesday October 8, 2025. 02:50 AM , from Slashdot
![]() The bug was exploitable by anyone who was logged-in to the tax portal because the Indian income tax department's back-end servers were not properly checking who was allowed to access a person's sensitive data. This class of vulnerability is known as an insecure direct object reference, or IDOR, a common and simple flaw that governments have warned is easy to exploit and can result in large-scale data breaches. 'This is an extremely low-hanging thing, but one that has a very severe consequence,' the researchers told TechCrunch. In addition to the data of individuals, the researchers said that the bug also exposed data associated with companies who were registered with the e-Filing portal. It remains unclear how long the vulnerability has existed or whether any malicious actors have accessed the exposed data. Read more of this story at Slashdot.
https://it.slashdot.org/story/25/10/07/2136212/security-bug-in-indias-income-tax-portal-exposed-taxp...
Related News |
25 sources
Current Date
Oct, Wed 8 - 22:41 CEST
|