Security lapse at India’s DavaIndia pharmacy exposed customer orders and drug-control systems before being fixed.
Gandhinagar: A big Indian pharmacy chain called DavaIndia had a security problem that let outsiders see customer orders and control the company’s computer systems.
The company has more than 2,300 stores across India. A security expert found that anyone could make a “super admin” account because some computer code was not safe.
With this special access, bad actors could see thousands of orders that had names, phone numbers, email addresses, homes, and what medicines people bought. They could also change prices, make discount coupons, and decide if some medicines needed a doctor’s note.
The expert saw this problem in August 2025 and told India’s computer safety team. The company fixed the issue within weeks. No one knows if anyone used this access before it was fixed.
Pharmacy information can be private because it shows what health products people buy. The company that owns DavaIndia is Zota Healthcare.