According to one of the famous independent researcher, Rajshekhar Rajaharia, personal data of millions of Mobikwik users have been leaked online. This news was first reported by TechNaidu website. According to this report, personal data of more than 3.5 million users has appeared for sale on dark web. However, the online payment platform, Mobikwik has denied from all such claims.
This report was also covered by a French ethical hacker and security researcher named Robert Baptiste. He also handles a Twitter account with the name of Elliot Alderson. He also confirms about the personal data breach of Mobikwik users. Baptiste shares this info with a tweet stating that it could be the biggest KYC data leak in the history.
Mobikwik Data leak: Whole Story
According to reports, this leaked data includes about 36,099,759 files. These files compromises of 8.2Tb data. The report confirms that this data is available for sale at an official price of 1.5 bitcoins. This much value of bitcoins could be equivalent to USD 84000.
Indian payment systems giant "Mobikwik" allegedly suffered what may be considered the largest KYC data leak in history.
— Alon Gal (Under the Breach) (@UnderTheBreach) March 28, 2021
This report further reveals that the breached data from Mobikwik could include all personal details. This detail could include personal information such as email addresses, phone numbers, bank account details and card details. Also Read: Google asks Google Play Music users to switch there data to YouTube Music App
Detailed List of Data available for sale:
At the check out, a list of documents is available on dark web for sale. These documents includes Mobikwik data such as
- 350GB of MySQL dumps, which is approximately equivalent to 500 databases
- A total of about 99 million email address, phone/mobile numbers, passwords, residential/official addresses, app data, phone OEM Details, IP Addresses and GPS location.
- It also contains about 7.5TB of 3 million KYC data. This data includes KYC Document details like Aadhar Card details, PAN Card details, passport details, Profile Pictures and more
A note to our users. pic.twitter.com/J3WRM0Ko8v
— Bipin Preet Singh (@BipinSingh) March 30, 2021
Mobikwik denies data breach claims
Even after this much leaks, the company still denies from such claims. According to Mobikwik Official statement, Some so called media-crazed researchers are repeatedly trying to show some false copy of documents. Thus, they are wasting precious time of the company as well as media members. The statement confirms that the company has thoroughly investigated in this matter. They did not find any such issues and errors. The media spokesperson Mobikwik informs that the user as well as company data is completely safe and secure.