Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web

SUMMARY

The personal data of 7 Mn Indian credit card and debit card users has been leaked on the dark web this month

The leaked database, sized 2 GB, which is on a public Google Drive link, includes cardholders’ names, phone numbers, email addresses, name of employer firms and annual incomes

The leaked database also includes the PAN numbers for 5 Lakh cardholders

The personal data of 7 Mn Indian credit card and debit card users has been leaked on the dark web this month. 

Screenshots of the leaked data reveal that the database, sized 2 GB, which is on a public Google Drive link, includes cardholders’ names, phone numbers, email addresses, names of employer firms, annual incomes, types of accounts and whether they have switched on mobile alerts or not. Further, the leaked database also includes the PAN numbers for 5 Lakh cardholders. 

The leaked data is from the period between 2010 and 2019. 

According to cybersecurity researcher Rajshekhar Rajaharia, who alerted Inc42 about the development, the leaked data can be used by cybercriminals for spam messages and phishing attacks. 

The name of the cardholders’ employer firm would help cybercriminals tailor their spam SMSes and emails to suit the target user. 

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web
A screenshot of the leaked database

While it was not possible to verify whether the leaked data for 7 Mn users is genuine or not, Inc42 and Rajaharia have verified the same for at least some users.

Queries to the Indian Computer Emergency Response Team (CERT-In) about the data leak didn’t yield response by the time of publication.

It is worth noting that there is little in common among the cardholders whose data has been leaked. The leaked database consists of cardholders employed with companies such as Axis Bank, Bharat Heavy Electricals Limited, Kellogg India Private Limited and Mckinsey and Company, among several others, with annual incomes ranging from INR 7 Lakhs to more than INR 35 Lakhs. 

The data leak is just the latest in a string of such cyber attacks, impacting millions of Indian users. 

Cybersecurity experts Inc42 has spoken to in the past, mentioned that cyber attacks have certainly risen this year, mostly due to several enterprises adopting work from home processes and handling larger amounts of data amid the pandemic. 

A survey conducted by the security firm Barracuda Networks, a California based leader in the field of data protection, revealed that about 66% Indian companies reported at least one data breach since the shift to the work-from-home model this year due to the countrywide lockdown that was put in place starting March 24, 2020, to contain the spread of the pandemic.

Further, phishing campaigns targeting users en masse with claims such as “Free Covid Tests” have been doing the rounds. 

The Fraud and Risk Management in Digital Payments report by the Data Security Council of India (DSCI) also talks about increased numbers for web-skimming, malware campaigns and phishing scams amid the Covid-19 pandemic. 

The growth in cyber attacks comes at a time when digitisation of the Indian economy is predicted to result in a $435 Bn opportunity by 2025.

Cyber Attacks On Indian Platforms

Recent months have seen several Indian companies, such as Google-backed hyperlocal delivery platform Dunzo, online grocery delivery service BigBasket, popular India food manufacturing company and restaurant chain owner Haldirams, Indian edtech platform Edureka, online travel marketplace RailYatri and even the personal website of Prime Minister Narendra Modi suffer cyber attacks, with the data on these websites being subsequently leaked on the dark web, where it was available for purchase. 

Last month, users’ data from Info Edge-owned jobs portal iimjobs.com had been leaked on the dark web. 

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web-Inc42 Media
Exclusive: Personal Data Of 7 Mn Indian Cardholders Leaked On Dark Web-Inc42 Media
You’re in Good company