Mobikwik data leak: Personal data of 3.5 million users up for sale on dark web; company denies claims

As per an independent researcher Rajshekhar Rajaharia, millions of personal data of Mobikwik users have been leaked online. First reported by TechNadu website, private information of 3.5 million users has appeared for sale on the dark web. Mobikwik has denied the claims.

French ethical hacker and security researcher Robert Baptiste, who goes by the name Elliot Alderson on Twitter, also highlighted the alleged data breach.

Baptiste said in a tweet that it is “probably the largest KYC data leak in history”.

Mobikwik data leak: Here’s what happened

As per the report, the breached data includes 36,099,759 files that comprise 8.2 terabytes of data. The data is said to be offered for sale at 1.5 bitcoins (or $84,000).

The report further revealed that the breached data includes details such as email addresses, phone numbers, bank account and card details.

Check out the list of documents available on the dark web for sale:

– Total 350GB MySQL dumps – > 500 databases

– 99 million — email ID, phone, passwords, addresses, apps installed, phone manufacturer, IP address, and GPS location

– 40 million — 10 digit card, month, year, card hash

– ~7.5 TB of ~3 million Merchant KYC data – passports, Aadhar cards, pan cards, selfie, store picture proof, and more used to get loans on the mobile phone-based payment system.

Mobikwik denies data breach claims

The company has denied these claims. Mobikwik in an official statement to BGR India stated, “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure.”

Go to Source

Leave a Reply

Your email address will not be published.