Rossmann Mobile App Data Breach - Viewing Other Customer Orders

On October 2, I logged into the Rossmann mobile application. A pop-up appeared inviting me to join a campaign. When I clicked to participate, a profile page belonging to an unknown individual appeared, displaying their contact information and order details. I do not know this person, and the account shown was completely unrelated to me. When I clicked on my own profile, I saw that my account was still active. However, when I returned to the main screen and clicked on the campaign participation pop-up again, I was once more directed to the same profile, where I could view this other person’s account and order information. This indicates that the Rossmann application does not properly safeguard user data, as it allows personal information of one customer to be displayed to another. This is a very serious violation of data protection and poses a significant risk to user security. I would also like to note that this was my first time using the Rossmann app, earlier this week. After receiving my orders, I intend to delete all my account information and previously entered data, then uninstall the application from my device. Due to this incident, I will not be using the application for future purchases. Although I am aware that Rossmann may continue to store membership and account data even after account deletion, I sincerely hope that this information will be stored in a secure and confidential manner. For reference, I was using the latest version of the application on my iPad device. I kindly request that this matter be investigated urgently, that the necessary technical and administrative measures be taken, and that I receive an official response regarding this serious breach.