Angel One said that certain malicious actors gained unauthorised access to information such as name, email and mobile number of users
The broking firm said that the incident had no impact on client securities, funds and credentials
Working on measures to identify the source of the breach, have beefed up existing tech infrastructure: Angel One
Inc42 Daily Brief
Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy
Stock broking firm Angel One on Friday (April 21) reported a data breach that compromised the personal data of many of its users.
The breach came to light after the company received emails claiming unauthorised access of client data. In a regulatory filing with the bourses, Angel One said that certain malicious actors gained unauthorised access to information such as name, email and mobile number of users.
However, the broker did not specify the reason for the leak or the number of users impacted by the incident.
The company claimed that there was no impact on client securities, funds and credentials, and added that all client accounts were secured. Meanwhile, it said it has undertaken measures to identify the source of the data leak and beefed up the current infrastructure to prevent any further breaches.
“We are working on measures to identify the source of the breach. Meanwhile, our current infrastructure has been validated to prevent any further unauthorised access,” the company said.
Saying that the leaked data could not be used for any transactions, Angel One added that clients’ login credentials were stored in an encrypted format in its systems and as such were not compromised. Assuaging the impacted users, the company said it deploys two-factor authentication for user identification, including verification by one-time password and a PIN code.
The company made the disclosure in the early hours of the day. Later, its shares came under pressure and ended the day 1.28% lower at INR 1,222.40 on the BSE.
Founded in 1996 as Angel Broking, the brokerage firm rebranded to its current avatar in 2021. It offers a slew of services including online stock broking, depository services, commodity trading and investment advisory services.
Despite the market headwinds, Angel One has been posting healthy financial numbers. It reported a 31% year-on-year (YoY) growth in net profit to INR 205 Cr in the fourth quarter of the financial year 2022-23 (FY23), while revenue surged 21.2% YoY to INR 826 Cr in Q4 FY23. EBITDA (earnings before interest, tax, depreciation and amortisation) stood at INR 370 Cr.
The data breach came a couple of months after the company’s chief executive officer (CEO) Narayan Gangadhar announced his resignation citing personal reasons.
The incidents of cyber crimes have been on the rise in the country for the last few years, with many companies and startups suffering data breaches. Earlier this week, online furniture rental startup RentoMojo reported a data leak.
In March, it was reported that personal sensitive data of hundreds of thousands of customers and gig workers was exposed by at-home salon startup Yes Madam due to a server-side misconfiguration.
In February, a security researcher claimed that a data breach at train ticketing platform RailYatri exposed the data of more than 31 Mn customers. However, the platform rejected the report and said that the data referred to by the researcher was old and pertained to a December 2022 data breach.
In February itself, social media platform Slick also faced a data breach which allegedly exposed the personal data of 1.53 Lakh users, primarily school-going children.
As per government estimates, India witnessed more than 13.91 Lakh cybersecurity-related incidents in 2022. In contrast, a senior Google executive last year claimed that the country saw as many as 1.8 Cr cyberattacks a day.
{{#name}}{{name}}{{/name}}{{^name}}-{{/name}}
{{#description}}{{description}}...{{/description}}{{^description}}-{{/description}}
Note: We at Inc42 take our ethics very seriously. More information about it can be found here.