[BreachExchange] Massive personal info leak from online banking portal

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Wed Aug 11 11:38:00 EDT 2021 

https://www.newindianexpress.com/cities/kochi/2021/aug/11/massive-personal-info-leak-from-online-banking-portal-2343011.html

Kochi-based cybersecurity firm Technisanct has unearthed a major personal
identifiable information (PII) leak in which hackers have targeted an
online banking platform. The PII details of over one lakh Indian nationals
with copies of their Aadhaar card, PAN card and cancelled cheques have been
found leaked and available for sale in a hackers’ forum.

According to Nandakishore Harikumar, founder and CEO of Technisanct, his
team has found 360 GB of content having around 11 lakh files with PII of
over one lakh Indian citizens in the notorious hackers’ platform named Raid
Forum. The hacker, who has leaked the data, has offered it for sale
demanding $25,000.

“The data is leaked from an online banking platform which collected KYC
details in the e-format. We suspect the hackers made use of the
vulnerability of cloud data storage of the banking platform. We expect the
online banking firm to identify the security breach and take required
action. The leaked PII was of the 2018-2021 period. Interestingly, the
Supreme Court has barred private entities from collecting Aadhaar for
e-verification since 2018,” he said.

Technisanct recently detected a similar data breach from Tamil Nadu public
distribution system, in which 65 million Aadhaar card numbers stored
without encrypting these were found leaked in hackers’ forums. However, the
agency which maintains the data denied the breach.

An official with the Cyberdome of Kerala Police said even when a massive
cybersecurity breach happens, the companies refuse to complain fearing the
impact on their reputation. “No company comes forward to report cyber
attacks these days, often making enforcement agencies helpless in taking
action. Apart from lodging complaints on time, there should be regular
cybersecurity audits which must include identification of any cyberattack
and breach. Having secure firewalls alone won’t prevent cyber attacks,” the
police official said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210811/72c6a2e4/attachment.html>

More information about the BreachExchange mailing list