Scoopfeeds — Intelligent news, curated.
pakistan

Is Dil Ka Rishta safe as technical glitch in API Exposed Data of over 5,000 users?

Pakistan Observer · May 18, 2026, 7:35 PM

Why this matters: local context for readers following news across Pakistan and the region.

KARACHI – In Pakistan’s growing online Matrimonial market, Dil Ka Rishta remains among top choices as it made huge branding on digital rishta solution, until now, as a recent API flaw and misconfigured Cloud Storage allegedly exposed data of more than 5000 users. The report suggests that the exposed data includes a wide range of personally identifiable and sensitive attributes. These reportedly include full names, phone numbers, dates of birth, marital status, and other details. As per reports, a serious data privacy concern involving Dil Ka Rishta claimed that a vulnerability in its mobile API may have exposed the personal information of around 5,600 users. The issue stems from an Insecure Direct Object Reference (IDOR) vulnerability. In simple terms, this occurs when an application exposes internal identifiers, such as sequential numeric profile IDs, without properly checking whether a requesting user is authorized to view the corresponding data. By manipulating these IDs in API requests, an attacker could potentially access other users’ profiles without authentication. The platform’s backend, described as Laravel-based, is alleged to have lacked sufficient authorization validation at the API layer. As a result, user profiles could reportedly be accessed in sequence by incrementing numeric identifiers, effectively enabling systematic retrieval of stored records. A user named itsRdhere exposed this on Telegram, as he claims that the system did not implement adequate rate limiting. This type of control is typically used to prevent automated abuse by restricting how frequently a single user or script can make requests. Without it, large-scale automated scraping becomes significantly easier. The report suggests that the exposed dataset includes a wide range of personally identifiable and sensitive attributes. These reportedly include full names, phone numbers, dates of birth, marital status, religious affiliation, caste and ethnicity details, educational qualification

Article preview — originally published by Pakistan Observer. Full story at the source.
Read full story on Pakistan Observer → More top stories

More in pakistan

ARY News
Sikandar Raza wins two major sports awards in Zimbabwe
ARY News
How to Secure Your WhatsApp Account Before You Lose Access
ARY News
Kuwait rolls out new service for work permit renewal
ARY News
Elon Musk Sparks Controversy Over Christopher Nolan’s Casting Choices
ARY News
‘Target destroyed’ Trump shares set of AI-generated alien posts

Browse all pakistan coverage →

Aggregated and edited by the Scoop newsroom. We surface news from Pakistan Observer alongside other reporting so you can compare coverage in one place. Editorial policy · Corrections · About Scoop