Image Source : AP/FILE Debit, bank card holders ALERT! Data of 10 crore Indians being bought on Dark Web
Independent cyber safety researcher Rajshekhar Rajaharia claimed on Sunday that knowledge of practically 10 crore credit score and debit card holders within the nation is being bought for an undisclosed quantity on the Dark Web.
According to Rajaharia, the huge knowledge dump on the Dark Web has been leaked from a compromised server of Bengaluru-based digital funds gateway Juspay.
JusPay informed IANS that no card numbers or monetary info had been compromised through the cyber-attack and the precise quantity is far decrease than the ten crore-figure being reported.
“On August 18, 2020, an unauthorised attempt on our servers was detected and terminated when in progress. No card numbers, financial credentials or transaction data were compromised,” an organization spokesperson mentioned in a press release.
“Some data records containing non-anonymised, plain-text email and phone numbers were compromised, which form a fraction of the 10 crore data records,” the spokesperson added.
However, Rajaharia claimed that the info was being bought on the Dark Web for an undisclosed quantity by way of cryptocurrency Bitcoin.
“For this data, hackers are also contacting via Telegram,” he informed IANS.
According to him, PCI DSS (Payment Card Industry Data Security Standard) have been adopted by Juspay in storing customers’ card info.
“However, if the hackers can find out the Hash algorithm used to generate the card fingerprint, they will be able to decrypt the masked card number. In this condition, all 10 crore cardholders are at risk,” Rajaharia famous.
The firm admitted that the hacker gained entry to considered one of Juspay’s developer keys and was spawning new computation servers within the developer account, attempting to achieve entry to any accessible knowledge.
Juspay, nonetheless, mentioned the masked card numbers which were leaked usually are not thought-about delicate as per compliance.
Only “few” telephone numbers and e-mail addresses have been leaked which have dummy values, the spokesperson mentioned, including that it had intimated its service provider companions in regards to the knowledge leak the exact same day.
“No card numbers (like 16-digit card number and other financial credentials) were accessed, as it is stored in a completely different isolated system. No transaction or order information was compromised,” the corporate spokesperson knowledgeable.
“We are making long-term investments for strengthening security and data governance with industry experts,” the corporate mentioned.
Founded in 2012, Juspay final yr raised $21.6 million in its Series B funding spherical.
The spherical was led by Sweden’s Vostok Emerging Finance (VEF), which invested $13 million within the expertise agency, marking its first funding within the nation.
Latest Business News