Around 10 crore Mobikwik users Data is on the Darknet for sale on a hacker forum, according to Rajshekhar Rajaharia an Independent Security Researcher. On Monday, renowned French cybersecurity expert Elliot Anderson aka Robert Baptiste backed Rajaharia's claim on the alleged server breach at the digital wallet company and called it The Biggest KYC data leak to date.
A hacker was selling MobiKwik user data such as PAN card numbers, Aadhaar, debit/credit cards, phone numbers, and other personally identifiable details that are usually shared during the Know Your Customer (KYC) procedure, Rajaharia said in February.
“Personal data of several high-profile Indian tech company founders were found in the compressed data dump,” --- Rajshekhar Rajaharia.
The data dump on the darknet is reported to be around 350GB in size. Mobikwik has denied any data breach in its servers.
"Some security researchers have repeatedly attempted to present concocted files wasting precious time of our organization. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure,"
--- Mobikwik spokesperson.
“In a bid to prove the authenticity of the data leak, the unknown seller opened a search bar on the dark web. Users can type their registered email-ID to see if their data is compromised or not,” --- Rajaharia.
In addition to the data of 9.9 crores MobiKwik users, key identification details such as passport, Aadhaar card, Pan card, selfies, store picture proof of 30 lakh merchants including are also on sale, according to Rajaharia.