Recently I discovered a non-password protected data breach Poorvika throughout the records and file names. The records contained employee data such as religion, sex, date of birth, marital status, family dependents, and other PII. After sending a responsible disclosure notice to Poorvika the database was closed to public access that same day. However, They never replied regarding my findings. According to its website, Poorvika is the largest tech retailer in India, which specializes in mobile phones and mobile-related accessories. Poorvika was founded in 2004 and has since grown to become one of the largest mobile retailers in the country, boasting over 500 stores across 43 cities. Poorvika also has an online portal that sells smartphones, laptops, computers, smart devices, and tech accessories.
My full report can be seen here.