Advance Salary Startup EarlySalary Reports Data Breach On Website

Advance Salary Startup EarlySalary Reports Data Breach On Website

SUMMARY

Names and mobile numbers provided by potential customers on the EarlySalary website were compromised

The company said the vulnerability has been fixed and the law enforcement agency has been informed

In response to the breach, additional security has been added in apache to block threats

Pune-based fintech startup EarlySalary reported a security breach — the names and mobile numbers uploaded by potential customers on its website were compromised.

Without mentioning the numbers, the company stated that this data belonged to potential customers.

In an important security update on its website, EarlySalary said that the vulnerability has been fixed and the concerned law enforcement agency has been informed about the matter.

The company also claimed that its central customer database, which includes the data — including sensitive personal details and transactions — of all existing EarlySalary customers, remains completely secure and was not impacted by the breach.

In response to the breach, an additional security has been added in apache to block threats. “The database credentials have been changed, and additional security blocks have been placed on the EarlySalary website. We are working with law enforcement to identify the IP source for this incident. We will further enhance security measures within our database and are working towards implementing PCI-DSS certification to make the platform more secure,” the company said.

Also, EarlySalary will inform the Pune Cyber Security Cell about this incident.

Founded in 2015 by Akshay Mehrotra and Ashish Goyal, EarlySalary is a mobile-first lending platform. It provides salary advances and instant cash loans based on a smart risk scoring system. The fintech startup provides salary advances up to 50% of one’s monthly salary to its users. Till date, the startup has raised $22.1 Mn with the latest being $15.7 Mn (INR 100 Cr) in Series B funding led by Eight Roads Ventures India in January 2018.

Data Bill All The More Important As Breaches Increase

The development comes less than a month after foodtech startup FreshMenu owned up to a data breach from 2016 that it had concealed earlier; the breach reportedly affected 110K Indian users.

Earlier, in 2017, restaurant discovery firm Zomato saw the data of 17 Mn users breached; this included users’ email addresses and hashed passwords.

After the Cambridge Analytica debacle impacting 87 Mn users, social networking giant Facebook reported another massive data breach recently. The company said that in the recent breach, attackers exploited a vulnerability in Facebook’s code that impacted the “View As” feature that lets people see what their profile looks like to someone else. The latest FB attack exploited the complex interaction of multiple issues in the code and compromised the data of 50 Mn Facebook users.

In view of increasing data breaches, it becomes all the more imperative to speed up the implementation of the draft Personal Data Protection Bill 2018.

However, Section 32 of the Bill requires data breach notifications to be made to the proposed data protection authority (DPA) only if the breach is likely to cause ‘harm’ to the data principal. This is a matter of concern as the Bill leaves it to the data fiduciary to judge whether the data breach causes “harm” to the data principal.

The Bill, once enacted, prescribes steep penalties up to INR 5 Cr or 2% of the annual global turnover (of the company in question), whichever is higher, for any contravention of its provisions.

A penalty of higher than INR 15 Cr or 4% of the annual global turnover of the company in question is prescribed for violations such as processing of personal data in contravention of the Bill.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Advance Salary Startup EarlySalary Reports Data Breach On Website-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Advance Salary Startup EarlySalary Reports Data Breach On Website-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Advance Salary Startup EarlySalary Reports Data Breach On Website-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Advance Salary Startup EarlySalary Reports Data Breach On Website-Inc42 Media
Advance Salary Startup EarlySalary Reports Data Breach On Website-Inc42 Media
You’re in Good company