[BreachExchange] ShinyHunters dump partial database of broker firm Upstox

Destry Winant destry at riskbasedsecurity.com
Thu Apr 15 10:33:04 EDT 2021


https://www.hackread.com/shinyhunters-broker-firm-upstox-database-leak/

ShinyHunters claims Upstox is negotiating with them.

Upstox, a tech-first low-cost broking firm in India, has issued an
alert to inform customers about a data breach that took place between
March and April 2021. The retail broking firm claims that funds and
securities are safe and unaffected by the breach.

On its website, the company’s co-founder and CEO Ravi Kumar confirmed
that some of the KYC (Know Your Client) data was stored in a
third-party warehouse.

“Funds can only be moved to your linked bank accounts and your
securities are held with the relevant depositories. As a matter of
abundant caution, we have also initiated a secure password reset via
OTP. Through this time, we have also strongly fortified our systems to
the highest standards.”

Upstox has restricted access to the breached database and added
multiple security layers at all third-party warehouses. As of now, the
company hasn’t revealed the number of customers affected by the
breach.

ShinyHunters in action

The hacker behind the breach is ShinyHunters, who published part of
the data stolen from Upstox and claimed that the reason for dumping
the data was to send a message to the company.

ShinyHunters added that Upstox did not respond to them when the
company was informed about the breach.

However, since the company admitted on Sunday that its databases
had been breached, ShinyHunters has removed the download links from
Raid Forums, an infamous hacker forum, and revealed that Upstox has
responded and “negotiations” are in progress.

What data was leaked?

Hackread.com has seen the data and it can be confirmed that it
included the following information:

Names
City
State
Zipcodes
Last login date
Phone numbers
100,000 Email addresses
Hashed passwords
Date of birth
Bank Details
Device used by a user
Date of account creation
KYC (Passport, PAN, Cancelled Cheque, Sign Pics.)

Investigation Underway

Upstox states that after learning about unauthorized access to their
database, they appointed a reputed international cybersecurity firm to
investigate the reasons behind the breach. They also acknowledged that
hackers had posted a sample of the company’s data online.

Moreover, Upstox has now enabled 24×7 real-time monitoring and added
ring-fencing to its network.

Stock Broking Firms The New Target of Hackers

Cybercriminals seem to be running out of options and opportunities,
given the advancement in security solutions. Perhaps that’s why they
have set their eyes on stockbroking firms after targeting e-commerce
sites and other lucrative platforms.

Companies that fail to adopt high-tech and stringent security measures
fall prey to the hackers’ malicious tactics. The same seems to be the
case with Upstox, India’s second-largest discount brokerage firm, as
per the number of active clients. The company boasts over 3 million
users and is backed by mainstream Indian investors like Ratan Tata.

