MobiKwik User Data Leaked, about 3.5 Million Users Data Up For Sale
Digital wallet and payments app Mobiwik came under the scanner after a security researcher claimed that data of users were put up for sale on the dark web.
The leak was first reported by security researcher Rajshekhar Rajaharia. The researcher claimed that the sensitive data of 3.5 million users was put on the dark web for sale the data included KYC (Know-Your-Customer) details, aadhaar card, phone number, address, and other personal information. Several users had spotted their personal details on the dark web link that was circulated on the internet.
The data leak reportedly is close to 8.2 terabytes in size and contains about 36,099,759 files.
As per media reports, the hacker has set up the dark web portal for users to search results by phone numbers and email IDs. According to the researchers, the database containing KYC details of nearly 3.5 million users of MobiKwik is said to up for sale on the Dark Web at 1.5 bitcoins. The Digital wallet users are up for sale since March 29.
Rajshekhar Rajaharia, an internet security researcher, posted a series of tweets and first claimed that KYC details and other personal information of many MobiKwik users have leaked online.
French security researcher Robert Baptiste, who goes by the pseudonym Elliot Alderson on Twitter, tweeted that this could likely be the largest KYC data leak in history.
However, the company denied any such data breach. MobiKwik said, “A security researcher has over the past week repeatedly presented falsely created files trying to waste the precious time of our organization while trying to grab the attention of the media. We have thoroughly investigated his allegations and have not found any security lapses. Our user data is completely safe and secure. The files he has been showcasing do not prove anything. Anyone can create such fake text files to harass any company.”
The company further added, “Our legal team plans to pursue strict action against this researcher who is trying to malign our reputation for his ulterior motive.”
Many users have even questioned the organization for saving the card details without the permission of users.
MobiKwik reportedly is planning an initial public offering (IPO) around September this year to raise USD 200-250 million. Mobikwik’s post-money valuation currently stands at USD 493 million with the latest funding round. MobiKwik last week has raised about USD 7.2 million in a funding round.