Mobikwik denies data leak

Mobikwik denies data leak

AgenciesUpdated: Wednesday, March 31, 2021, 07:19 AM IST
article-image
Mobikwik denies data leak |

Hackers have leaked the data such as mobile phone number, bank account details, email, and credit card numbers of 9.9 crore Indians allegedly of Mobikwik users which the digital payments company has strongly denied.

The disclosure about the data leak was made by cyber security analyst Rajashekhar Rajaharia who has also written to the Reserve Bank of India, Indian computer emergency response team, PCI Standards and payment technology firms etc.

A hacker group by the name of Jordandaven emailed the link of the database to PTI and said that they do not have any intention of using the data except to get money from the company and delete it from their end.

Jordandaven shared that data of Mobikwik founder Bipin Preet Singh and Mobikwik CEO Upasana Taku from the database.

When contacted, Mobikwik denied the claim.

The company's spokesperson said that as a regulated entity, it takes data security very seriously and is fully compliant with applicable data security laws.

"The company is subjected to stringent compliance measures under its PCI-DSS and ISO Certifications which includes annual security audits and quarterly penetration tests to ensure security of its platform. As soon this matter was reported, the company undertook a thorough investigation with the help of external security experts and did not find any evidence of a breach," the Mobikwik spokesperson said.

Hackers maintained that the database is of Mobikwik and uploaded several pictures of Mobikwik QR code along with documents used for 'Know Your Customer' compliance mainly Aadhaar and Pan card.

Mobikwik said that it is closely working with requisite authorities on this matter, and considering the seriousness of the allegations will get a third party to conduct a forensic data security audit.

"For its users, the company reiterates that all MobiKwik accounts and balances are completely safe," the company spokesperson said.

Rajaharia said that government authorities should thoroughly investigate the data leak immediately as it has wider ramifications that can potentially lead to several financial frauds.

"Full 16 digit card numbers might be unmasked because their encryption algorithm is public now. This massive data breach might be a threat for other banks, and wallets because these days each and every data set is connected to each other," Rajaharia said.

He said that everyone should immediately change the password of their bank account, credit cards etc to keep their money safe.

RECENT STORIES

New And Premium Formats Driving Growth In Indoor Amusement Centres Within Indian Retail, JLL Report...

New And Premium Formats Driving Growth In Indoor Amusement Centres Within Indian Retail, JLL Report...

Everstone Capital Sells 2.16% Stake In Restaurant Brand Asia For ₹113 Crore

Everstone Capital Sells 2.16% Stake In Restaurant Brand Asia For ₹113 Crore

A ₹3.25 Crore Hybrid Powerhouse: BMW's XM Label Edition

A ₹3.25 Crore Hybrid Powerhouse: BMW's XM Label Edition

The Sodhani Academy Of Fintech Enablers IPO: ₹6.12 Crore Public Subscribed Over 438 Times; NIIs...

The Sodhani Academy Of Fintech Enablers IPO: ₹6.12 Crore Public Subscribed Over 438 Times; NIIs...

Maharashtra: Tata Power Renewable Energy Secures 400 MW Hybrid Project From MSEDCL, Largest...

Maharashtra: Tata Power Renewable Energy Secures 400 MW Hybrid Project From MSEDCL, Largest...