Over 100 million MobiKwik user data leaked in Cyber Attack

MobiKwik, an India company that facilitates mobile based payment services, is trending on Google for alleged data breach that the company has readily denied. Going further into details, a French Cybersecurity researcher named Elliot Anderson is claiming to have found a data trove of over 3.5 million accounts available for sale on the dark web.

Another Indian security researcher named Rajshekar Rajaharia has confirmed the news and said that the digital payment firm has been provided the evidence for proof.

However, Bipin Preet Singh, CEO of MobiKwik, has claimed the news as false and assured that no data leak took place on the company servers or at the third party payment services.

Mr. Bipin added that the company has taken the incident seriously and will surely conduct a data audit followed by a third party security review to confirm its stand on an official note.

Note 1- MobiKwik data leak was being discussed on various social media platforms from early this month and some twitter users claim that the hack might have taken place last month and since the company failed to bow down to the demands of hackers, they released a data worth 8.2 terabytes for evidence. And the leaked information includes KYC details of customers, their addresses, phone numbers, Aadhaar card details and card details that were linked to the MobiKwik Wallet, respectively.

Note 2- A telegram message posted by a user group is seen circulating on the dark web that claims to provide a link to a data trove that contains KYC details of over 3.5 million people, 99 million user phone numbers, email ids, hashed passwords and addresses- all for just a fee of 1.5 BTC or $85,000.

Note 3- As per the stats released in November 2016, MobiKwik reported having over 1.5 million merchants linked to its service and claims to have over 55 million customers.

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display