Data Of 10 Cr Digital Payments Transactions Leaked After Attack On Juspay’s Server

75°
Analyst
andromeda

https://inc42.com/buzz/india-data-leak-cardhold...

In what is seemingly the biggest data leak in India’s history in terms of the number of users affected, the data of 10 Cr cardholders has been leaked on the dark web.

The leaked data, which is in the form of a data dump, appears to have been leaked through a compromised server of Bengaluru-headquartered mobile payment solutions company Juspay.

Screenshots of the leaked database, accessed by Inc42, reveal that it contains sensitive information. This includes a user’s card brand (VISA/Mastercard), card expiry date, the last four digits of the card, the masked card number, the type of card (credit/debit), the name on the card, card fingerprint, card ISIN, customer ID and merchant account ID, among several other details. In all, over 16 fields of data relating to their payment cards have been leaked for at least 2 Cr users, as conceded by Juspay, a subset of the total number of user records (10 Cr) that have been leaked.

8 Comments  |  
6 Dimers
  • Sort By
Pro Entertainer Pro Entertainer
Link Copied

😱😱😱

Deal Subedar Deal Subedar
Link Copied

Who are all the merchants using juspay?
I think, freecharge, airtel and bifbasket uses it.

Analyst Analyst
Link Copied
ramadesidime wrote:

Who are all the merchants using juspay?
I think, freecharge, airtel and bifbasket uses it.

Juspay offers a software development kit (SDK) for app makers to integrate its services. It counts major Indian and international tech companies such as Amazon, Airtel, Swiggy, Vodafone, Uber, Cred, Ola and Flipkart among its clients.

Pro Entertainer Pro Entertainer
Link Copied
ramadesidime wrote:

Who are all the merchants using juspay?
I think, freecharge, airtel and bifbasket uses it.

Snapdeal too

Deal Subedar Deal Subedar
Link Copied
Expand
andromeda wrote:

Juspay offers a software development kit (SDK) for app makers to integrate its services. It counts major Indian and international tech companies such as Amazon, Airtel, Swiggy, Vodafone, Uber, Cred, Ola and Flipkart among its clients.

Looks like, who ever uses cred (most of the dimers) are caught in this.

Just one app (cred) can bring down the whole Indian CC payments to halt.

Deal Subedar Deal Subedar
Link Copied

Hard to believe that companies like az and fk used this company’s services.

Deal Cadet Deal Cadet
Link Copied

So, now that we know there’s a breach, is it safe to continue using these sites and adding our new card details?
And would it be advised to get replacement cards for ones used on amazon , swiggy, cred Flipkart?

Analyst Analyst
Link Copied

The card numbers will be safe since the numbers are masked. More than that is other information that got leaked. At the moment, with the kind of information that is out, I can’t fathom the damage it can do.

Missing