A password will be e-mailed to you.

A MASSIVE DATA LEAK BY MOBIKWIK; DENIALS ON GROUND

Data is the new normal; and you cannot afford to get your data leaked or breached. Usage of wallets has made things easy but no easiness can be placed in equality with your data privacy.

In this electronic era; being digital has been the necessity especially after pandemic where you had to step in this world as you had no other choice to pay bills & rent.

But the most sensitive string in this market is security. Once that stands broken; you lose everything starting from trust to share will be at stake.

 

BACKGROUND OF MOBIKWIK

It is a company founded in 2009 by Bipin Preet Singh and Upasana Taku; that is basically phone-based payment system & digital wallet. It is India’s leading fintech platform that has its market in consumer payments, financial services & payment gateways.

They are holding a investment of $ 110 million from different investors.

120 million users

3 million merchants

300 plus billers

20 million users are pre-approved the digital credit card which is the flagship of Buy now & pay later.

The company is in partnership with Uber for its utilization by drivers and also with Google in order to give facility of recharge with google search.

 

INSIGHTS INTO ISSUE

Monday was not quite good for the company Mobikwik as they were allegedly targeted for a data leak. It was disclosed that close to 8.2 terrabytes of data that comprises of KYC details, addresses, phone numbers of its 3.5 million users.

The company however denied the instances that were quoted. It was first reported by the security researcher Rajshekhar Rajaharia.

Later; a lot of users were able to access their data on data web simply by clicking on a link.

The screenshots went viral and a user who was recipient for sale of 1.5 bitcoin that stands close to $ 86000 went on internet buzz platform. Then company took decision to come in front and keep their view.

“Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organisation as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure,” the company  spokesperson said.

 

The issue gained heat as the researcher tweeted about the incident  stating that it is a dump of 6TB of KYC and 350 GB of Mysql . Further he also added that a similar thing occurred way back in 2010 and the company deleted it blog. The tweets were retweeted by the French hacker as “ probably the largest KYC leak in the history”.

The researcher Indrajeet Bhuyan also claimed that the data set is quite large and has enough scope of scamming. The major passwords are encrypted but the details like Aadhar card & pan card are not masked. The vulnerability is quite high. The scammers have definitely found an easy way.

 A $ 493 million valuation company dealing with the most sensitive area which is fintech has definitely created a lot of trouble. Now let’s see how the things are managed by the team ahead. However the challenge will surely pose different hurdles.

Comments

comments

No more articles
Send this to a friend