India's Biggest Mobikwik 10 Crore Data Leak.

192 views

Embed
Email

From

Username or Email (please add comma after each username or email)

Name	Email

Back

Menu 3

Eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo.

Chrisnoblet3

Uploaded on Apr 1, 2021

Category News & Politics

PPT on India's Biggest Mobikwik 10 Crore Data Leak.

Category News & Politics

Comments

India's Biggest Mobikwik 10 Crore Data Leak.
India's Biggest Mobikwik
10 Crore Data Leak
Introduction
• In what is being called the biggest data leak in Indian history, several independent cybersecurity
researchers have found that the personal data of over 10 crore customers of fintech startup Mobikwik, is
now available for sale on the dark web.
Source: indiatimes.com
Claim of cyber security researchers
• It has already been termed as the largest KYC leak ever. Independent cyber security researchers have
claimed that a database containing KYC details of nearly 3.5 million users of Indian payment app
MobiKwik, in addition to personal and payments data of about 99,224,559 users, is up for sale on the
Dark Web.
Source: indiatimes.com
Alleged data breach
• First tweeted by the independent cyber security researcher, Rajshekhar Rajaharia, and then confirmed
by the French researcher Elliot Alderson, the alleged breach is pegged at 8.2TB data containing users’
phone numbers, emails, passwords, addresses, bank accounts and Aadhaar card details.
Source: www.techradar.com
Denial from Mobikwik
• Mobikwik has denied the breach. But a link from the dark web is available online, and several users on
twitter have claimed seeing their personal details in it.
Source: www.techradar.com
User data for sale
• Some have even posted screenshots of the alleged MobiKwik user data, which was reportedly up for sale
for 1.5 bitcoin or about $86,000 (Rs 69 lakh) on a popular hacker forum.
Source: www.techradar.com
Clarification from MobiKwik
• A media-crazed so-called security researcher has repeatedly over the last week presented concocted
files wasting precious time of our organization while desperately trying to grab media attention. We
thoroughly investigated his allegations and did not find any security lapses," MobiKwik tweeted from its
official handle.
Source: www.techradar.com
False Case
• The company claim that user and company data is completely safe and secure. The various sample text
files that he has been showcasing prove nothing. Anyone can create such text files to falsely harass any
company.
• MobiKwik also said that its legal team will pursue action against the researcher.
Source: www.techradar.com
MobiKwik QR codes
• The denial does not square with the fact that the seller at the hacker forum has also claimed the source
to be MobiKwik. The samples of leaked data, in any case, contain images of MobiKwik QR codes.
Source: www.techradar.com
Personal data of merchants
• The personal data of merchants that have procured loans through Mobikwik is also said to be on sale in
exchange for bitcoins. The leak reportedly also contains card numbers and hashes of over four crore
Mobikwik customers.
Source: www.techradar.com
Dark-web forums
• As per the claim over 8 terabytes (TB) worth of personal user information such as email ids, phone
numbers, names, addresses, passwords, GPS locations, and data related to users’ mobile devices was
taken from Mobikwik’s main server by a hacker named ‘Jordan Daven’ and put on dark-web forums on
January 20.
Source: www.techradar.com