SME Times is powered by   
                        Search News
                        Just in:   • SpiceJet re-introduces 'Zero Change fee' offer  • 'Good' progress made at nuclear talks but issues remain: Iran  • Fiscal package may be on cards to maintain economic recovery amid Covid 2.0  • Striking taxi drivers demands unreasonable: Goa tourism body  • Govt notifies Rs 6k cr PLI scheme for AC, LED light manufacturing 
                        Last updated: 12 Apr, 2021  

                        Cyber.Crime.9.Thmb.jpg Upstox hacked, 25-30 lakh users' data at risk

                           Top Stories
                        » Fiscal package may be on cards to maintain economic recovery amid Covid 2.0
                        » FICCI writes to 25 CMs on Covid management
                        » Regulation of insolvent firms' shares still remains a dilemma
                        » ECLGS 2.0 now covers SMA-1 borrowers
                        » Forex reserves up by over $4 bn
                        SME Times News Bureau | 12 Apr, 2021
                        Digital stockbroking firm Upstox, one of the official partners of the Indian Premier League (IPL), has admitted a data breach, saying that the financial details of its users are completely safe. However, cyber security researchers said at least 25-30 lakh users may be affected and the hacker is asking $1.2 million ransom.

                        According to independent security researcher Rajshekhar Rajaharia, this is the handiwork of ShinyHunters that has been involved in several hacking incidents involving top Indian companies (including Bigbasket, BuyUcoin and JusPay), and data of 25-30 lakh Upstox users and 5.6 crore KYC files may have been leaked.

                        Claiming that the funds and securities are protected and remain safe, the Tiger Global-backed company said in a statement that it has upgraded the security systems, based on the recommendations of a global cyber-security firm.

                        "We brought in the expertise of this globally renowned firm after we received emails claiming unauthorised access into our database. These claims suggested that some contact data and KYC details may have been compromised from third-party data-warehouse systems," the company said in the statement.

                        "As a matter of abundant caution, we have also initiated a secure password reset via OTP," the company added.

                        According to Rajaharia, the breached database includes bank account details, mobile numbers, pictures of users' signature, Aadhaar, PAN and passport etc.

                        Ravi Kumar, Co-founder and CEO of Upstox, said the company takes security and privacy very seriously.

                        "While we have already reported this incident to the relevant authorities, we deeply regret any inconvenience this may have caused you," Kumar said.

                        According to Sonit Jain, CEO of GajShield Infotech, in a rush to scale their business, many a times, enterprises do not focus on data security.

                        "Being aware of where customer data is located and protecting it, is a must for every organisation, however big or small they maybe. Data security should not be a one-time effort, enterprises need to have a real time visibility to their threat surface and data flows," Jain said.

                        ShinyHunters has been involved in several data breaches recently, including allegedly leaking sensitive data of nearly 3.25 lakh users of Delhi-NCR based global cryptocurrency exchange and wallet, BuyUcoin, on the Dark Web.

                        The hacker has also leaked 19 lakh user records stolen from free online photo editing application Pixlr.

                        In November last year, one of India's popular online grocery stores BigBasket, found that data of over 2 crore users had been hacked and were on sale on the Dark Web for over $40,000 -- which is reported to be the handiwork of ShinyHunters.

                        The hacker is allegedly behind over 44 public leaks in 2020 and several are not yet listed. The databases he has contain information of over 125 crore people globally, including more than 20 crore Indians.
                        Print the Page
                        Add to Favorite
                        Share this on :

                        Please comment on this story:
                        Subject :
                        (Maximum 1500 characters)  Characters left 1500
                        Your name:

                          Customs Exchange Rates
                        Currency Import Export
                        US Dollar
                        UK Pound
                        Japanese Yen 58.85 56.85
                        As on 18 Apr, 2021
                          Daily Poll
                        COVID-19 has directly affected your business
                         Can't say
                          Commented Stories
                        » Covid second wave: Lockdown or no lockdown(2)
                        About Us  |   Advertise with Us  
                          Useful Links  |   Terms and Conditions  |   Disclaimer  |   Contact Us  
                        Follow Us : Facebook Twitter