Exposed: Indian visa application data accessible to anyone with a web browser

Sanjib Mitra is a man who likes to be responsible and do the right thing. A year ago he discovered, quite by accident, that a little bit of URL tweaking could reveal personal data about people other than himself within a website database. He was completing a complicated application form himself when he was faced with a blank page and a browser back button that did nothing, so he tried changing numerical data at the end of the URL in an effort to salvage some of the information he had spent the previous hour entering. His reward was not time saved and the application retrieved, but rather the applications of pretty much anyone who had ever used the system at any time in the past, and all it took was a different number to be substituted in the URL.