Biggest KYC Data Breach in History

Breach Summary:
As much as 8.2 terabytes of personal information data has allegedly leaked from users of India-based MobiKwik mobile payment’s wallet application and onto the dark web, according to a report from India Times. MobiKwik, one of India’s largest mobile payment networks connecting 300 million users to 70,000 plus retailers, was breached in Feb 2021. The breach leaked the KYC (Know Your Customer) data from about 3.5 million users. The data consists of very critical personal and financial information like name, phone number, passports, pan cards, Aadhar Cards, passwords, addresses, credit and debit cards.

The hacker, by the name Ninja_Storm, had setup a website to present the proofs that he was in possession of the data. Several users validated that their data was indeed available with the hacker. MobiKwik denied the breach, despite user confirmation and online proof.

This, and many such incidents, illustrate the fact that today’s digitally connected universe needs to be more secure. As users adopt new apps and services, they need to be more cyber savvy and choose wisely the companies they entrust with critical personal information. Employees are the first line of defense against most cyber-attacks. Here are some tips and best practices to keep employees safe.
SecurityAdvisor Employee Tips :
Use limited and trusted apps for personal and financial information.
Read the terms and conditions of each new service or app.
Check reviews before subscribing.

Weigh the risk and reward - convenience vs. exposure.
Always enable multi-factor authentication for all the apps and services if available.
Delete accounts and information from financial apps and services that you are no longer using.

Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Request A Demo