The dust from the MobiKwik data breach had barely begun to settle when another data breach took center stage. This time it is India’s second-largest stockbroker, Upstox. Out of a total user base of nearly three million users, two and a half million were reportedly affected in the alleged data breach. Indian security researcher Rajshekhar Rajaharia (who also disclosed the MobiKwik data breach) brought it to light when he tweeted that the notorious threat group “ShinyHunters” was behind the leak.
Again Huge KYC Leak!! approx 2.5 Million @upstox Users Including 56 Million KYC files alleged leaked by ShinyHunters from UpStox Server. Data Including Name, Email, DOB, PAN, Bank Details, KYC(Passport, PAN, Cancelled Cheque, Sign Pics etc.) #infosec #GDPR #databreach pic.twitter.com/IZQIWVD0MM
— Rajshekhar Rajaharia (@rajaharia) April 11, 2021
Details on the Data Breach
Rajaharia attached morphed screenshots of various leaked KYC (know your customer) details, which Upstox had collected while opening the user accounts on their stockbroking platform. As per the information disclosed, the following details were leaked:
- Full Names
- Date of Birth
- PAN (Permanent Account Number)
- KYC details including copies of passport, canceled cheques, signature pics, etc.
According to Rajaharia, the cause of the Upstox data leak is similar to that of the MobiKwik incident. In both cases, the company’s Amazon Web Services (AWS) key was compromised, which led to illicit access to its database.
Upstox CEO Addresses the Issue
Upstox, for its part, has neither confirmed nor denied the data breach. However, the company’s co-founder and CEO, Ravi Kumar, announced on its website that “enhanced security measures” have been taken for Upstox user accounts “in light of recent events.” Kumar added that Upstox has roped in a global cybersecurity firm to strengthen its security systems manifold.
While Kumar did not confirm the claims, he did suggest that, as per claims from security experts, “some contact data and KYC details may have been compromised from third-party data-warehouse systems.” He also assured users that none of their funds or securities were compromised and that these remain safe and protected.
Upstox has already reported the incident to the relevant authorities and is taking all preventive measures, including real-time monitoring and restricted access to the allegedly impacted database. As a further precaution, Upstox has also initiated a secure password reset for all its users via OTP.
Aditya Narang, Co-founder & MD, SafeHouse Technologies, told CISO MAG, “It is quite unfortunate to witness data breaches time and again. We have seen how cybercrimes and attacks are on the rise for the last couple of months. Data breaches at Facebook, LinkedIn, MobiKwik, and now Upstox! It is time that the users accept that hackers out there are innovating methods to hack them and leave their data vulnerable on the dark web. While organizations are trying to find solutions to protect their stakeholders, these stakeholders also need real-time security for their digital identity, especially in today’s times.”