What steps have you taken to address the issue you mentioned in your original post? Have you called Tata Capital and asked to speak with someone at the IT department? Tell them to add a disallow statement to robots.txt and those pages should get deindexed quickly.
My understanding of what happened here is that an external service (such as this one[0]), picked up the "tclzip.tatacapital.com" domain name, and through that the Google crawler also found it. At the time it found it, the "tclzip.tatacapital.com" domain had no folder restrictions, so Google's crawler was able to travel through all the directories and see the files that were in them. This appears to have been happening up until 12 months ago.
I have contacted the CISO and CEO of the company - but they have been non responsive. I have also contacted CERT (India's department for Cyber Security) - they have also been non responsive. This is my last try to get this fixed - I don't like the fact that multi million dollar companies are so lax in security because they don't bear the consequence of these leaks, unlike customers like us.
12 comments
[ 4.7 ms ] story [ 37.1 ms ] threadMy understanding of what happened here is that an external service (such as this one[0]), picked up the "tclzip.tatacapital.com" domain name, and through that the Google crawler also found it. At the time it found it, the "tclzip.tatacapital.com" domain had no folder restrictions, so Google's crawler was able to travel through all the directories and see the files that were in them. This appears to have been happening up until 12 months ago.
[0]: https://subdomainfinder.c99.nl/scans/2023-11-09/tatacapital....
But you can ask the moderators hn@ycombinator.com
Good luck.