×

Mobikwik denies data breach as cybersecurity researchers say 3.5 million users' data for sale

8.2TB of data is being put up for sale on the deep web for 1.5 bitcoins

The know-your-customer (KYC) information of 3.5 million MobiKwik users has allegedly been leaked, with a hacker asking for 1.5 bitcoins in exchange for 8.2TB of data.

The breach was highlighted by a French security researcher who goes by the name Elliot Anderson. He has flagged such leaks of Indian users' data in the past.

The leaks, which have apparently been known for a while, were flagged by security researcher Rajshekhar Rajaharia, who had pointed out the existence of the database earlier in March. Reportedly, over 37 million files including the KYC of 3.5 million individuals—100 million phone numbers, emails, passwords, geodata, bank accounts and CC data—were leaked.

The hacker, who had posted onto an onion link on the deep web, reportedly allows users to search for their phone number of mail ids. The hacker called it the “Biggest KYC data leak ever”.

Some users posted saying they had found their data included in the files.

MobiKwik have denied the leak, saying “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure.”