Hackers maintained that the database is of Mobikwik and uploaded a number of photos of Mobikwik QR code together with paperwork used for ‘Know Your Customer’ compliance primarily the Aadhaar and PAN card
New Delhi: Hackers have leaked the data similar to cell phone quantity, checking account particulars, electronic mail, and bank card numbers of 9.9 crore Indians allegedly of Mobikwik customers, which the digital funds company has strongly denied.
The disclosure concerning the data leak was made by cybersecurity analyst Rajashekhar Rajaharia who has additionally written to the Reserve Bank of India, Indian pc emergency response group, PCI Standards, and cost expertise companies, and so forth.
A hacker group by the identify of Jordandaven emailed the hyperlink of the database to PTI and mentioned that they don’t have any intention of utilizing the data besides to get cash from the company and delete it from their finish.
Jordandaven shared the data of Mobikwik founder Bipin Preet Singh and Mobikwik CEO Upasana Taku from the database.
When contacted, Mobikwik denied the claim.
The company’s spokesperson mentioned that as a regulated entity, it takes data safety very severely and is absolutely compliant with relevant data safety legal guidelines.
“The company is subjected to stringent compliance measures under its PCI-DSS and ISO Certifications which includes annual security audits and quarterly penetration tests to ensure the security of its platform. As soon this matter was reported, the company undertook a thorough investigation with the help of external security experts and did not find any evidence of a breach,” the Mobikwik spokesperson mentioned.
Hackers maintained that the database is of Mobikwik and uploaded a number of photos of Mobikwik QR code together with paperwork used for ‘Know Your Customer’ compliance primarily the Aadhaar and PAN card.
A media-crazed so-referred to as safety researcher has repeatedly over the past week introduced concocted recordsdata wasting your time of our group whereas desperately making an attempt to seize media consideration.We totally investigated his allegations and didn’t discover any safety lapses. 1/n
— MobiKwik (@MobiKwik) March 4, 2021
Mobikwik mentioned that it’s intently working with requisite authorities on this matter, and contemplating the seriousness of the allegations will get a 3rd get together to conduct a forensic data safety audit.
“For its users, the company reiterates that all MobiKwik accounts and balances are completely safe,” the company spokesperson mentioned.
Rajaharia mentioned that authorities authorities ought to totally examine the data leak instantly because it has wider ramifications that may probably result in a number of monetary frauds.
“Full 16 digit card numbers might be unmasked because their encryption algorithm is public now. This massive data breach might be a threat for other banks, and wallets because these days each and every data set is connected to each other,” Rajaharia mentioned.
He mentioned that everybody ought to instantly change the password of their checking account, bank cards, and so forth, to maintain their cash protected.