[BreachExchange] “Religare” and “Impact Guru” Leaked the Data of 5.5 Million Indians

Destry Winant destry at riskbasedsecurity.com
Mon Jul 13 10:16:47 EDT 2020


https://www.technadu.com/religare-impact-guru-leaked-data-5-5-million-indians/128446/

Cyble’s dark web sweepers located two more fresh leaks, both belonging
to Indian firms. The first is the health insurer “Religare,” which has
lost over 5 million records as a result of a catastrophic hacker
attack. The second is the crowdfunding platform known as “Impact
Guru”, which lost the details of 507,000 users.

Both sets of stolen data are already available for purchase on the
dark web, as this is where Cyble found them. It is unclear if the
attacks involved the use of ransomware tools, or if the hackers simply
broke into the networks of the companies.

Starting with “Impact Guru”, the non-government organization is a
crowdfunding platform that supports startups and creative individuals
in India, as well as in 15 other countries. It has raised over $21
million since 2015 when it was established, and it is considered
India’s leader in the field.

The malicious actors who targeted “Impact Guru” have managed to steal
507,000 records that contain the following details:

Email IDs in encrypted and also in plaintext form
Banking details of 8,000 users (SWIFT, IFSC, account numbers)
Chat history
PAN Card number
Aadhaar Card number
Facebook ID, Twitter ID, LinkedIn ID, Apple ID (if available)
Address
Registration Date
PayPal Email
IP Address Location

Source: Cyble Blog

Continuing with the “Religare” breach, this one affects both five
million customers and 6,000 employees of the health insurance firm.
Religare operates over 146 offices across the country, so the
consequences are far-reaching.

The details that have been exposed and which are for sale to anyone
willing to buy the packs include the following:

For customers:

Name
Address
Mobile number
Email IDs
Date of birth
Customer ID
Policy number
Start date and end date
Agent assigned
Name of the policy
Sum insured and renewal amount

For employees:

Full names
Mobile numbers
Dates of birth
Usernames
Password hashes
Individual authorization keys
Official email IDs
Email signatures having office address and personal mobile numbers
Last login and last logout
Internal IP address through which they connected to the portal

Cyble has informed both companies of the data leaks, but it’s unlikely
that the affected individuals will receive an official notice of a
breach. Entities in India are obliged by law to disclose these
incidents, but the authorities aren’t very strict about this, at least
not so far.

The details that have been leaked are highly sensitive, so if you are
included in the datasets, you should take many precautions against
potential scams and threats.

