Mobikwik data breach said to be largest KYC leak, personal data of 3.5 million users up for sale on dark web

Payment app Mobiwik came under the scanner on Monday after a security researcher claimed that the data of 3.5 million users were put up for sale on dark web.

Payment app Mobiwik came under the scanner on Monday after a security researcher claimed that the data of 3.5 million users were put up for sale on the dark web. The researcher claimed that the sensitive information of 3.5 million users that was put on the dark web for sale includes KYC details, addresses, phone numbers, Aadhar card data and other details of the users. Several users had reportedly spotted their personal details on the dark web link that is being circulated on the internet. The data breach was first spotted by security researcher Rajshekhar Rajaharia in February. “11 Crore Indian Cardholder's Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked from a company's Server in India. 6 TB KYC Data and 350GB compressed mysql dump,” he had said. The screenshots of the Mobiwik breach were posted on Twitter by another security researcher who goes by the name Elliot Alderson. He called it the “largest KYC data leak in the history”.