Personal data of 100m MobiKwik users up for sale on the Dark Web


Indian mobile payments company MobiKwik reportedly suffered a massive breach of user records this year that involved a hacker carting away the personal information of nearly a hundred million Indian citizens.

Earlier this week, security researcher Rajshekhar Rajaharia said he discovered more than 8.2TB of MobiKwik user data on a dark web site, including personal information of Indian citizens such as names, phone numbers, email addresses, scrambled passwords, GPS locations, transaction logs, and partial payment card numbers.

According to Rajaharia, a hacker named Jordan Daven has claimed responsibility for breaching MobiKwik and uploaded the stolen data on a dark web forum in January. The sale of the massive data repository taken from MobiKwik has also been confirmed by French cyber security researcher Robert Baptiste aka ‘Elliot Alderson’.

The trove of stolen data, amounting to more than 8.2TB, has reportedly been put up for sale for 1.2 bitcoin, which translates to roughly £51,402. The seller claims to hold the Know Your Customer (KYC) data of 3.5 million MobiKwik users and, to prove that the data is genuine, has uploaded four random pictures of the raw data dump to the dark web site.

MobiKwik, which says its digital payments services are used by over 120 million people and 3 million merchants, has denied suffering any breach of customer records. Bipin Preet Singh, the company’s CEO, took to Twitter and said that they investigated the matter when it was flagged by security researchers and could not find any evidence of any data breach.

“While we are investigating this, it is entirely possible that any user could have uploaded her/ his information on multiple platforms. Hence, it is incorrect to suggest that the data available on the darkweb has been accessed from MobiKwik or any identified source,” Singh said.

TechCrunch, however, has accessed a screenshot which shows a MobiKwik official requesting an Amazon representative to share logs relating to its cloud service after the company “came to know that our S3 [cloud storage] data is downloaded by some other person outside the organization.”

Commenting on the reported breach suffered by MobiKwik, John Pocknell, an expert in database management and senior marketing strategist at Quest, said that years of being able to spin up databases at the drop of a hat have led to a situation where many organisations don’t have a clear picture of what they need to secure; in particular, non-production databases that contain personal data, let alone how they need to go about securing it.

“The database ought to be an environment where organisations can have the most visibility and control over the data that they hold, and this type of breach should be one of the more easily avoidable.

“Organisations should ensure that only those users who need access have been granted it, that they have the minimum privileges necessary to do their job and wherever possible, databases should be placed on servers that are not directly accessible on the internet,” he added.


Copyright Lyonsdown Limited 2021
