[meerkat]

I don't know how many Maruti owners register for the Maruti owners' online database. This site records owners' personal information like name, address, phone nos., email ids, car details etc.

I needed to update my profile in the database. I hit the submit button after updating my profile. I received no confirmation. Instead, I was put on the profile page of another Maruti owner! I could see all his details. I could even have edited the profile of that owner if I wished to! If I did choose to edit his profile, on hitting the submit button again, presumably I would have ended up on the profile page owned by still another Maruti owner, and could have edited his profile too, and so on, ad infinitum!
Being the nice person that I am , I just logged out.

-- And could not log back in for a while, because my password was messed up (the case of the letters got changed). My car details were flushed out too! Now the site does not update my password, -- the feature just does not work!

Does Maruti care about these issues? The owners' database security breach did not seem to concern them when I called! So, at best, owners are liable to have their personal details lying in an insecure database for anybody to do whatever they like with those. At worst? Who knows?

---------------------------
P.S. Moderators, please move this post to the appropriate section if it isn't there already.

[Nitin]

Thats crazy!MUL ought to do something about this.
So much for identity theft!

[McLaren Rulez]

LOL at the title. What benefits do you get if you are on the database?

[amoghchaphalkar]

Quote:

Originally Posted by McLaren Rulez

LOL at the title. What benefits do you get if you are on the database?

None at all !! I am on that database. All I get is "Happy Birthday" e-cards !!!

[Bazius]

Please change the title

[simplythebest]

With all due respect...I think your first course of action should have been to inform Maruti by sending a polite email.
If they don't fix the problem, it has to be taken further

I think all these news channels are making us more sensationalist

[musicvj]

Are you working with Headlines Today channel? I was expecting something else after reading the title lol.

[diabloo]

@meerkat, I think all you missed is an opportunity to harvest email addresses.

BTW, Maruti must hire better programmers. I wonder which firm did the web programming.

[amtak]

OT: The new website seems to have lifted inputs from Shell, and some of the other Telecommunication companies.

[menonrajesh]

No wonder why I used to get calls from Maruti enquiring about the level of satisfaction of the recent service done on the car which I never owned! Sometimes from the maruti insurance too, politely informing me about the policy renewal on someone else' car!

[musicmanaman]

The title of this thread is sure misleading.

About Maruti, they should be more carefull with people's database's.

[phamilyman]

a. You didn't HACK!
b. Title should be "Potential security flaw: Maruti's online database mixes up customer details"

LOL. But nice stuff that you didnt misuse it! kudos

[vijaythacker]

Quote:

Originally Posted by phamilyman

a. You didn't HACK!
b. Title should be "Potential security flaw: Maruti's online database mixes up customer details"

LOL. But nice stuff that you didnt misuse it! kudos

yes sir thats what it should be with title of this thread, owners name is misleading.Can mods do something for this.
Meerkut, well title what you posted doesnt justify what you posted later, but still would like to congratulate you of not misusing or editing any information that was visible on that page.

[royalcruiser]

whoa .. the title was completely misleading!

[McLaren Rulez]

Maruti Suzuki India Limited raised several eyebrows when it invited one of its customers to hack into its own database. The customer, known only by his alias "meerkat", claims to have received an email from Mr. Jagdish Khattar, Managing Director of the automobile company requesting him to hack into Maruti Suzuki's database and retrieve confidential details about their customers. Mr. "meerkat" declined to carry out the task, despite being more than capable of simple hacks such as these, citing ethics as his reason. Industry analysts blame Maruti's obsessive desire to increase their market share for the latest incident. Many are curious to know why Maruti required the services of a professional hacker when Maruti executives already have access to the database in question. Maruti Suzuki's customers expressed their anger regarding this breach of privacy. Said Mr. Daljeet Singh, owner of a Maruti Suzuki SX4, "I knew I should have bought the new City instead. This is an outrageous piece of identity theft and I have already started receiving three times as much spam mail." Meanwhile, Maruti Suzuki executives were unavailable for comment. McLaren Rulez reporting for Times Now

Now does it fit the title? But anyway, I hope Maruti has resolved the issue by now. Identity theft can lead to bigger problems so they should be acting quickly to fix it.