Lovense Swiftly Fixes Major Security Flaws, Legal Action Hinted
Lovense, a popular sex toy manufacturer, has faced a security scare following the disclosure of two significant vulnerabilities. The company initially estimated a 14-month resolution but swiftly fixed the issues within days. Meanwhile, Lovense's CEO hinted at potential legal action.
The first flaw allowed users' email addresses to leak via network traffic. A determined individual could link any username to their corresponding email by manipulating requests. The second vulnerability was even more alarming. It permitted anyone to seize control of a Lovense account using just the user's email, rendering passwords useless.
BobDaHacker, the researcher who uncovered these flaws, made them public after Lovense's slow response. Despite initially estimating a 14-month fix, Lovense acted swiftly, resolving the issues within two days of disclosure. The company's CEO, Dan Liu, has since hinted at possible legal action following the public revelation of the vulnerabilities.
Lovense has reassured customers that no user data was compromised or misused. All identified vulnerabilities have been fully addressed. Despite the swift resolution, the potential legal action hints at Lovense's seriousness in protecting its users' data and privacy.
