Durex India, a prominent sexual wellness brand known for its condoms and intimate products, has recently suffered a cyber attack that compromised sensitive customer information. The breach has led to the exposure of personal data including full names, contact numbers, email addresses, shipping addresses, and details of ordered products. This information was accessed due to a vulnerability on the order confirmation page of the Durex India website.
Reckitt, the parent company of Durex, is currently investigating the incident and plans to release a comprehensive report on the breach next week. In response to the security lapse, the company is implementing measures to address the technical issues and will provide further details in the coming days.
Customers who make online purchases of intimate products expect a basic level of security to safeguard their information. Unfortunately, this breach suggests that Durex may have fallen short in this regard, potentially exposing customers to risks such as identity theft and financial extortion.
For context, Durex, originally a British brand, used to produce personal lubrication products and contraceptives until 2007. To reduce production costs, Durex shifted some of its manufacturing operations to Asian countries including China, Thailand, and India.
In 2011, Durex was involved in a cross-industry promotional partnership with Trend Micro, a cybersecurity firm. The campaign, which emphasized themes of security and antivirus protection, generated significant interest but faced backlash in Western markets such as the United States and the United Kingdom. As a result, Reckitt decided to terminate the promotional campaign and end the collaboration.