A security flaw in the website of the West Bengal govt’s COVID-19 testing program exposed the personal data of millions who were tested. Sourajeet Majumder, a security researcher found that the link containing the patient’s unique test identification number could be easily converted using online tools as it was scrambled with base64 encoding. The ID was sequenced, allowing anyone to change it in the browser’s address bar to view another test result.

Click here to read the full story