3.5 Million or MobiKwik user’s data is on sale on Darknet.
It is the biggest KYC digital data leak.
MobiKwik is an Indian company founded in 2009 that provides a mobile phone based payment system and digital wallet. Customers are using to pay through through an digital wallet that can be used for payments. From July 2020, MobiKwik has 120 million users and 3 million retailers in INDIA.
What data included?
- There are 8TB of data, Such as Passport, Aadhaar card, PAN Cards, Photos, phone numbers, and more KYC details.
- Many of the users confirmed seeing their details leaked on the dark web.
- The hackers are charging 1.5 BTC or $86000 to sell the data as per the current price.
Probably the largest KYC data leak in history. Congrats Mobikwik… pic.twitter.com/qQFgIKloA8
— Elliot Alderson (@fs0c131y) March 29, 2021
In Feb 2021, the security researcher Rajshekhar Rajaharia reported to Mobikwik.
Again!! 11 Crore Indian Cardholder’s Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked from a company’s Server in India. 6 TB KYC Data and 350GB compressed mysql dump.@RBI @IndianCERT #InfoSec #dataprotection #Finance pic.twitter.com/yjc7davH3k
— Rajshekhar Rajaharia (@rajaharia) February 26, 2021
Some of the users also reported with screenshot
The MobiKwik leak is real. Here is what the dump had for me. One of those credit cards was valid until a couple weeks ago, and I don’t recall authorising MobiKwik to save it. Companies that lie like