Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Zota Healthcare Limited

Zota Healthcare Limited Vendor Cyber Rating & Cyber Score

zotahealthcare.com

Manufacturing of pharmaceutical formulations Exporter of pharmaceutical formulations Leader in franchisee marketing in india having 18 divisions and more than 2400 brands Our Sez export unit having who certified and also tuv-Australia approval. We also apply for USFDA. We had apply for 16 unique product for patent in india. Amongs five applied for PCT.


ZHL A.I CyberSecurity Scoring

ZHL
Company Information
Website:http://www.zotahealthcare.com
Employees number:700
Number of followers:9,078
NAICS:3254
Industry Type:Pharmaceutical Manufacturing
Homepage:zotahealthcare.com
ZHL Risk Score (AI oriented)
Between 750 and 799
logo
ZHLPharmaceutical Manufacturing
Updated:
05/03/2026
753/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
ZHL Global Score (TPRM)
xxxx
logo
ZHLPharmaceutical Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

ZHL
ZHLFair
Current Score
753Baa (FAIR)
01000
1 incidents
-4 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
754Before Incident
JUNE 2026
754Before Incident
MAY 2026
754Before Incident
APRIL 2026
754Before Incident
MARCH 2026
753Before Incident
FEBRUARY 2026
753Before Incident
JANUARY 2026
753Before Incident
DECEMBER 2025
753Before Incident
NOVEMBER 2025
753Before Incident
OCTOBER 2025
752Before Incident
SEPTEMBER 2025
752Before Incident
AUGUST 2025
756Before Incident
Vulnerability
01 Aug 2025ZHL
Zota Healthcare and DavaIndia Pharmacy: Indian pharmacy chain giant exposed customer data and internal systems

DavaIndia Pharmacy Flaw Exposed Sensitive Customer Data, Allowed Unauthorized 'Super Admin' Access

752After Incident
CRITICAL-4
ZOTDAV1771331028
DavaIndia Pharmacy Flaw Exposed Sensitive Customer Data, Allowed Unauthorized "Super Admin" Access A critical security vulnerability in DavaIndia Pharmacy, the pharmacy arm of Zota Healthcare with over 2,300 stores across India, allowed unauthenticated users to create "super admin" accounts with full system privileges. The flaw, introduced in late 2024, exposed highly sensitive customer data tied to nearly 17,000 online orders across 800+ stores, including health conditions, medications, personal details, and purchase histories. Security researcher Eaton Zveare discovered the bug, which enabled attackers to: - Access and exfiltrate customer data (names, phone numbers, emails, addresses, and purchased products). - Tamper with product listings, including modifying prices and prescription requirements. - Create unauthorized discounts, coupons, and alter administrative controls. Zveare described the exposed data as potentially "private and even embarrassing" due to the nature of pharmacy purchases. While no evidence suggests malicious exploitation, the flaw remained unpatched until mid-September 2025, following Zveare’s responsible disclosure to CERT-In (India’s national cybersecurity agency) in August 2025. DavaIndia confirmed the fix in late November 2025, though no customer action such as password resets was required, as payment data and other secrets remained secure. The incident highlights risks in handling sensitive health-related data, particularly in large-scale digital pharmacy platforms.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Names, phone numbers, emails, addresses, purchased products, health conditions, medications, purchase historiesSystems Affected: DavaIndia Pharmacy online platformOperational Impact: Unauthorized administrative access, tampering with product listings and discountsBrand Reputation Impact: Potential reputational damage due to exposure of sensitive health dataIdentity Theft Risk: HighPayment Information Risk: None (payment data remained secure)
DATA BREACH
Type Of Data Compromised: Personal identifiable information, health-related data, purchase historiesNumber Of Records Exposed: 17,000 online ordersSensitivity Of Data: High (health conditions, medications)Data Exfiltration: Possible (no evidence of malicious exploitation)Personally Identifiable Information: Names, phone numbers, emails, addresses

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for ZHL ?
?
What was ZHL's A.I Rankiteo Cyber Score in June 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in May 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in April 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in March 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in February 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in January 2026 ?
?
What was ZHL's A.I Rankiteo Cyber Score in December 2025 ?
?
What was ZHL's A.I Rankiteo Cyber Score in November 2025 ?
?
What was ZHL's A.I Rankiteo Cyber Score in October 2025 ?
?
What was ZHL's A.I Rankiteo Cyber Score in September 2025 ?
?
What was ZHL's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on ZHL's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with ZHL ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view ZHL's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?