![[Valid Atom 1.0]](valid-atom.png "Validate my Atom 1.0 feed")
MobiKwik said that it'll get a 3rd party to conduct a forensic data security audit to supply clarity on the matter.
MobiKwik's user data has allegedly been breached and is purportedly available for access by hackers through a fanatical program . The Gurugram-based digital wallet company is denying the info breach. However, independent security researchers have claimed that the info — over 8.2TB in size — has been placed on sale on the dark Web for quite a while now. Gadgets 360 was first informed about the alleged data breach in February. The hackers group, that allegedly had access to the info for months, has now made it accessible through an enquiry engine that means a number of the leaked data elements — including the names, phone numbers, and email IDs of many affected users.
Denying the claims of any sensitive data leaks, MobiKwik said that it didn't find any evidence of a breach.
“As a regulated entity, the corporate takes its data security very seriously and is fully compliant with applicable data security laws. the corporate is subjected to stringent compliance measures under its PCI-DSS and ISO Certifications which incorporates annual security audits and quarterly penetration tests to make sure security of its platform,” a MobiKwik spokesperson said in an emailed statement.
The spokesperson added that the corporate was closely “working with requisite authorities” on the matter and can get a 3rd party to conduct a forensic data security audit, considering the seriousness of the allegations.
“For its users, the corporate reiterates that each one MobiKwik accounts and balances are completely safe,” the spokesperson said.
Cyber-security researcher Rajshekhar Rajaharia first informed Gadgets 360 about the info breach on February 25. He had said that credit and open-end credit details, names, email addresses, and other details of quite 100 million users were leaked on the dark Web. The researcher also stated that aside from the small print in text, know-your-customer (KYC) information that included scanned documents like Permanent Account Number (PAN) and Aadhar cards also as bank statements of over five crore users were placed on sale by the hackers group that's known by pseudonym “ninja_storm.” The researcher had shared some sample files that included a table structure with a reference about MobiKwik's payment gateway Zaakpay.
Shortly after receiving the small print from the researcher, Gadgets 360 reached bent MobiKwik co-founders Bipin Preet Singh and Upasana Taku. The executives, however, didn't provide any clarity on the breach at that point . An email sent to CERT-In also didn't receive any correspondence.
MobiKwik on March 4 publicly denied its role within the data breach and called the researcher “media-crazed”, without naming Rajashekar explicitly. the corporate also alleged that the researcher in question presented “concocted files” to “grab media attention”.
However on Monday, French security researcher Robert Baptiste, who's referred to as Elliot Alderson on Twitter, posted the small print about the alleged data breach. He also provided the small print about the program that was purportedly created by the hackers group on the dark Web and included some user details.
Several users on social media posted that they were ready to find their details from that program
However, BIONICK TECH wasn't ready to independently verify whether the available details were associated with the alleged MobiKwik data breach
0 Comments