News Mobikwik data breach - personal data of 3.5 million users up for sale on dark web

Status
Not open for further replies.
D

D C

Herald
www.indiatimes.com

8.2 TB Of MobiKwik User Data Allegedly Hacked, Company Denies Breach

The data that's on offer includes a total of 350 gigabytes of MySQL dumps that include 500 databases. It also consists of 99 million mail, phone passwords, addresses and data surrounding installed apps, IP addresses, GPS locations etc.
www.indiatimes.com www.indiatimes.com

Tech News - Latest Technology News Today, Mobile News, Latest Gadget Advice | Techlusive India

Tech News - Get latest updates on technology news, upcoming phone, gadgets, review, mobile price, online games. Stay tuned to know more tech news at Techlusive.in.
www.bgr.in www.bgr.in


Onion link- http://mobikwikoonux37wauz6oqymshuvebj5u763rutlogc2fb2o3ugcazid.onion/

I checked my details, matches what I had in my mobikwik profile. Checked for my friend, he confirmed the card details are correct.

Edit: password is hashed and card details partially blanked. I am assuming the leaker has them in full clear text, just removed them for public viewing.
 
  • Like
Reactions: kalph09, nishthecooldude and Crazy_Eddy
Yes, but it works intermittently. Failed to connect to backed errors. I tried after a few minutes. Try a new node or refresh your tor connection.

Apparently, the breach happened on 4th March. Lots of people confirming data leak is real.
https://twitter.com/x/status/1367489330902675463

Edit- Onion link seems to be down now.
 
Last edited:
www.indiatoday.in

Mobikwik data breach said to be largest KYC leak, personal data of 3.5 million users up for sale on dark web

Payment app Mobiwik came under the scanner on Monday after a security researcher claimed that the data of 3.5 million users were put up for sale on dark web.
www.indiatoday.in www.indiatoday.in


Earlier they had denied. But several users are responding to this tweet.
https://twitter.com/x/status/1367489330902675463


Onion link for those who want to try
http://mobikwikoonux37wauz6oqymshuvebj5u763rutlogc2fb2o3ugcazid.onion/
Click to expand...
 
  • Like
Reactions: calvin1719
Yup, unless there is a law to mandate good data security practices and severe fines for breaches, the companies have no incentive to actually care and spend money on data security.
 
Looks like they are preparing a press release because they haven't said anything.
 
Again, Not surprised at all. The key weakness with most mobile app/service startups is not investing enough in information security. They spend a lot on marketing and this is the price they pay.
 
Bunch of bafoons, they should be penalized for this. Pancard, aadhar cards, photos, address, credit card numbers (masked) everything is available.

This is a criminal offence.
 
  • Like
Reactions: Kaleen Bhaiya
Other payment services and other services in general that collect such sensitive user information should learn from this and strengthen their security.
 
  • Like
Reactions: anikptl
Glad not to have done any KYC with them. Although had added a few credit card details into it.
Always got that shady vibe when using the app.
 
Status
Not open for further replies.
Top Bottom