After Juspay 10cr data breach, now it is turn of Mobikwik

The growth of Digital Payments is growing day by day in today’s connected world, with its convenient in eased payments and transactions, at the same time, it brings the potential risk for the user and the keeper/custodian both. The growth we are seeing and can be attributed to technological advancements, Internet penetration, mobile phone uprise, online payment adoption by consumers, SMBs, banks alike, innovative solutions such as UPI, IMPS, wallet integration, etc.

the threat landscape has also grown dynamically as an unintended effect of the progressive momentum. This warrants attention from all stakeholders involved in the payment ecosystem to join hands and curb the growth of frauds and payment scams.

A question comes on, weather the cash economy is good or this plastic/digital economy. With this digital economy there are many feeling unsecure on the transaction. With the increasing cyber and malware attack, a question arises on the associated risks.

Last month we have heard the data leak of Sensitive information of over the data of 10 Cr debit and credit cardholders has been leaked on the dark web. The data has been leaked through a faulty server of mobile payments company juspay. The data that was leaked on the dark web included names, phone numbers, and email addresses of the users, first and last digits of their cards. Juspay processes payments for companies including Amazon, MakeMyTrip, and Swiggy, among others.

The leaked data, which is in the form of a data dump, appears to have been leaked through a compromised server of Bengaluru-headquartered mobile payment solutions company Juspay.

Cybersecurity researcher Rajshekhar Rajaharia, who first alerted VARINDIA of this development, said that the data was being sold on the dark web for an undisclosed amount. Rajaharia added that such data could fetch a hacker a handsome amount of money on dark web marketplaces.

Just two days back again the news has come and the same security researcher has claimed on the data leakage on the Mobikwik server , the cybercriminal has done the attack on 11 Crore Indian Cardholder's Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked from a company's Server in India. 6 TB KYC Data and 350GB compressed mysql dump.

The MobiKwik Annual Report FY2020 says, there are 325 passionate Indians who serve 120 million users and 3 million retailers in India. This happened 2nd time this year. Hacker claiming that he was having access in company's server since Jan 2021 to till today. They also posted some DB structures with sample. Hope someone will take responsablity for this breach.

The research again claimed there is another database of Indian online business news website has hacked. All the data has dump openly.