BlueTokai Doesn't Care about User Data
[UPDATE] - So I received a mail from them stating they have already started work on it and have also added a quick fix. Thanks for all the support from you guys, else it would never have been possible by me alone. I still have to validate the fix which they applied; will keep you guys posted about that too.
So a few days back I found a bug on the BlueTokai website where I can bruteforce the orderID, but it was not that big an issue, as even with the tracking ID I possibly can't get users' personal data out of it. But then I saw that the logistics partner's website which they are using has a major bug. Any user with just the AWB number, which we can get easily from the BlueTokai website itself, can easily see your name, personal address and email.
Now if you don't care about your number, email and personal address getting leaked, then it's okay. And just to tell you, every user on the platform is affected by this bug.
I would appreciate it if anyone knows someone who can possibly help me get this fixed ASAP.
Note: I already sent them everything they needed, like the proof of concept and how to replicate the bug, but haven't heard anything from them yet.