MobiKwik User Data Leaked, 3.5 Million Users’ Information Up For Sale in One of the Biggest KYC Leaks Yet

Payments app MobiKwik reportedly exposed data of close to 3.5 million users. According to a security researcher, the data breach leaked sensitive information. These include the user’s Know-Your-Customer (KYC) details, aadhar card, phone number, address, and other personal information. The data leak reportedly includes 36,099,759 files and is close to 8.2TB in size. It also includes 99,224,559 user phone numbers, hashed passwords, etc. The hacker has reportedly set up a dark web portal where users can search for phone numbers and email ID to get the details. MobiKwik has denied the data breach. Let’s take a look at more details around the MobiKwik data breach and the company’s response on the same.

MobiKwik exposed KYC details and other sensitive user data, claims security researcher

MobiKwik reportedly exposed the KYC details and personal information of its 3.5 million users, according to reports. The company, however, has denied any such breach.

Security researcher Rajshekhar Rajaharia first claimed that KYC details and other personal information of several MobiKwik users have leaked online. The data included the user’s Know-Your-Customer (KYC) details, aadhar card, phone number, address, and other personal information. 

Again!! 11 Crore Indian Cardholder's Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked from a company's Server in India. 6 TB KYC Data and 350GB compressed mysql dump.@RBI @IndianCERT #InfoSec #dataprotection #Finance pic.twitter.com/yjc7davH3k

— Rajshekhar Rajaharia (@rajaharia) February 26, 2021

The breach includes 36,099,759 files, which is 8.2TB in size. The data also comprises 99,224,559 user phone numbers, email, hashed passwords, addresses, bank accounts and card details. According to a TechNadu report, citing the researcher, the hacker has also set up a dark web portal for users to search results by phone numbers and email IDs. The entire database can be purchased by paying 1.5 Bitcoin.

French security researcher Robert Baptiste, who goes by the pseudonym Elliot Alderson on Twitter, tweeted that this could be the largest data leak in the history.

Probably the largest KYC data leak in history. Congrats Mobikwik… pic.twitter.com/qQFgIKloA8

— Elliot Alderson (@fs0c131y) March 29, 2021

MobiKwik denied any such data breach. “A media-crazed so-called security researcher has repeatedly over the last week presented concocted files wasting precious time of our organization while desperately trying to grab media attention.We thoroughly investigated his allegations and did not find any security lapses. Our user and company data is completely safe and secure. The various sample text files that he has been showcasing prove nothing. Anyone can create such text files to falsely harass any company,” the company said.

A media-crazed so-called security researcher has repeatedly over the last week presented concocted files wasting precious time of our organization while desperately trying to grab media attention.We thoroughly investigated his allegations and did not find any security lapses. 1/n

— MobiKwik (@MobiKwik) March 4, 2021

It also said that the company’s legal team “ will be pursuing strict action against this so-called researcher who is trying to malign our brand reputation for ulterior motives.”

The post MobiKwik User Data Leaked, 3.5 Million Users’ Information Up For Sale in One of the Biggest KYC Leaks Yet appeared first on MySmartPrice.

from MySmartPrice https://ift.tt/3ru4aAY