Tech News

MobiKwik Indian user data leak

mobikwik logo image

MobiKwik Indian user data leak Reportedly MobiKwik exposed the KYC details and personal information of its close to 3.5 million users. All of this information is on sale for 1.5 Bitcoin, which is near equals to $85,000, according to reports. The company, however, has denied any such breach.

According to a security researcher, on the 29th of March, the well-known digital wallet and payment company Mobikwik had been leaked on the dark web. the data breach leaked sensitive information. Payment app MobiKwik on Monday came under news headlines for an alleged data leak that has exposed close to 8.2 terabytes(TB) of data. These include the user’s Know-Your-Customer (KYC) details, Aadhar card, phone number, address, and other personal information.

About 3.5 million users worry not only their credit and debit card details are available on the dark web. But their Mobikwik account number details, names, email addresses, passwords, GPS location, and mobile phone details like IMEI have also been hacked.

Security researchers have claimed that it is the largest KYC data leak in history.

Rajshekhar Rajaharia had said “11 Crore Indian Cardholder’s Cards Data Including personal details & KYC soft copy(PAN, Aadhar, etc) allegedly leaked from a company’s Server in India. 6 TB MySQL dump”.KYC Data and 350GB compressed

The leak was first spotted in February by security researcher Rajshekhar Rajaharia, which the company had denied at the time, and then by the French hacker and security researcher named Elliot Alderson.

Reportedly the data leak includes around 36,099,759 files size. It also includes 99,224,559 user phone numbers, hashed passwords, and the data is around to 8.2 TB. The hacker has reportedly set up a dark web portal where users can search for phone numbers and email ID to get the details. It also includes a total of 350 gigabytes of MySQL dumps that include 500 databases. It also consists of 99 million mail, phone passwords, Addresses and data surrounding installed apps, IP addresses, GPS locations, etc.

According to the national cybersecurity agency, cyber attacks have surged from 53,117 in 2017 to 208,456 in 2018, 394,499 in 2019, and 1158208 in 2020.

French hacker Robert Baptiste, also known as Elliot Alderson on Twitter, followed up on the topic of interest and gave his two cents. His tweet read, “Probably the largest KYC Data Leak in history. Congrats MobiKwik…” This tweet was attached with a screenshot of the leaked data.

The screenshot showed, adding that it contained KYC data of nearly 3.5 million people. It is reported to be up for sale on the Dark Web

In a statement MobiKwik rejects that such a data breach has occurred, MobiKwik spokesperson said “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure.” MobiKwik has denied the data breach.

MobiKwik had last week raised $7.2 million in a funding round prior to the listing on the stock exchange. reportedly MobiKwik raised $7.2 million in a funding round after which it got listed on the stock exchange. According to Entrackr, Mobikwik’s post-money valuation currently stands at $493 million with the latest funding round.

Topic