Durex leaks on web

Needs more protection

The Indian branch of the Durex company has been the source of some unpleasant leaks according to the Office of Inadequate Security.

Seriously folks. We're not making this up. Apparently, the company's website allowed users to download the personal details of thousands of people who had gone online to stock up on rubber johnnies.

It seems that the bloke who blew the whistle on the leak was first thanked for pointing it out, and even offered a nice hamper for his efforts, but has since been sent threatening letters by the company's solicitors after exposing the gaffe to the rest of the condom-buying public.

He noticed the cock-up after receiving an online delivery note which contained his order number in the URL. Being the curious type, he tried typing in a random order number as part of the URL and found he could access thousands of other delivery notes from unwitting punters.

The data breach was fixed soon after it was reported, but there's no telling how long it was in place before its discovery.