Indian edtech startup WhiteHat Jr, which has found itself in a potboiler of controversies recently, had a bug in its system, making its data of over 2.8 lakh students vulnerable. On November 25, the Quint quoted a security researcher who reported the bug to WhiteHat Jr, who said, "According to what I found out the personal data of over 2.80 lakh students including names of their parents were lying exposed due to a vulnerability on the company's server-side."
WhiteHat Jr said that all vulnerabilities were fixed within 24 hours and stressed that there was no data leak.
According to the security researcher, WhiteHat Jr's back-end server was left open, allowing access to student names, age, gender, images, user IDs, parents' names, and progress reports. The report also said that access to the company's AWS servers was restricted as of November 20.