Has Mobikwik suffered one of the biggest data breaches ever in India?
- 29912
- 568
-
- Last Comment
Hello,
I was just browsing casually when something really surprising caught my attention.
From multiple sources, it seems that Mobikwik has allegedly suffered the biggest data breach ever
The data breach leaks information like :-
1. Mobikwik Account Phone Numbers
2. Your full name
3. Your KYC documents like PAN & Aadhaar
4. E-mail addresses
5. Hashed passwords
6.Debit/Credit Card details
7.Your GPS location
8. Phone model details including IMEI
9. Other apps in your system.
Looks like Mobikwik hasn’t come up with any official clarification regarding this. If true this will be the biggest data breach ever and will be catastrophic
Multiple sources have this news like:-
1.
https://mobile.twitter.com/XploitWizer/status/1...
2. https://www.databreaches.net/in-threat-actor-of...
3. https://mobile.twitter.com/fs0c131y/status/1376...
Please note that this is unverified as Mobikwik has not issued any official clarification and also this information is available on other public websites where it was originally posted and I also hope it’s not true however it certainly raises a question on Indian companies and if at all they are trying to safeguard our data.
A data protection law is must for India these days
Deal Wiki
-
Last updated by: relwanivasudev473
Disclaimer :- Please note that this is unverified information. I’m not criticizing Mobikwik directly in any way. This post is just for awareness and discussion. I personally love Mobikwik offers very much. However by historical trends every company has refused to accept any data breach information at first instance. These information regarding the alleged breach are available publicly in websites with links given we are just discussing about it here
Check it out - detailed news
https://hindi.thequint.com/tech-and-auto/cyber-...
Fuck was going to do kyc next month
Bach gaya
Search functionality not working!
Today Mobikwik, tomorrow maybe any other App
Check this link got from @hotchap
https://www.csoonline.com/article/3541148/the-b...
So banning or uninstall Mobikwik is not the solution.
If accidents happen, we can’t ban road or driving.
Need appropriate action by concerned App or government in this regard.
Finally we need data security and reliability.
MobiKwik is a cheap low quality app evident from founders profiles and location (Gurgaon ?)
Any decent product company has dev center in Bangalore where best talent is available.
Investors never have any idea about the coding standards followed by company because they only interact with marketing team so its not a big deal to build a company.
where to see? onion link not opening
use tor browser
Dimers ready to support ?
You just need to go through this link
https://cms.rbi.org.in/rbi/VividFlow/run/rbi#Rb...
Select system participant and then “ONE MOBIKWIK SYSTEMS PVT LTD”
Desidime community has enough power to shake anyone
We need to do this in mass
RBI ko v to pta chale ye kyc kyc ka nanga Naach ho rha ..
Koi Modiji ko bhi Tweet mein Tag kiya hai yaa nahin?
is the onion link working? for me it is not..
Ab Kya hoga
Chortel payment bank ka bhi time ayega … Jaldi hi …
Banks(whether payment or small finance or regular) have to follow much stricter data security guidelines as mandated by RBI. In fact most banks data security is outsourced to companies like TCS & Infosys I think. On the other hand I doubt mobikwik ever even hired a middle tier cyber security firm.
8.2 TB Of MobiKwik User Data Allegedly Hacked, Company Denies Breach
This alleged MobiKwik data breach was first highlighted by French white hacker and security researcher Elliot Anderson via a screenshot on his Twitter earlier today.
Highlights
The hacker who allegedly has access to the entire database of MobiKwik users’ KYC details is willing to sell the entire chunk for 1.5 bitcoins, which amounts to around $84,000
The data that’s on offer includes a total of 350 gigabytes of MySQL dumps that include 500 databases.
It also consists of 99 million mail, phone passwords, addresses and data surrounding installed apps, IP addresses, GPS locations etc
The breach also gives access to 40 million 10-digit card numbers with month, year and card hash.
This also includes databases surrounding company data.
MobiKwik in a statement rejects that such a data breach has occurred
A massive database breach has allegedly occurred in MobiKwik servers where the KYC data of hundreds of thousands of its users has surfaced on the dark web as much as 8.2 terabytes of data.
If you save your card on mobikwik then keep your debit/credit card international transaction off bcz international transaction do not requires OTP.
Yes from below link of onion anyone can check on tor browser data has been leaked
And it has all the details from opening date of the account http://mobikwikoonux37wauz6oqymshuvebj5u763rutl...
When it stopped working, people are sharing openly..
What is the use of sharing now..🙄😏
I just opened the shared tor link and it actually showing details I had one number in past 3 years ago that account details+ address (complete) showing
Edit: Showing Masked card number which already deleted from mobikwik app too
This guy who has hosted the website is very determined even after so much traffic which reputed websites can’t handle he has again managed to get it back again online
Yes
The data leak is true. Fuck this company for firstly poor controls and then denying the leak
Yes even if I delete card from mobikwik app it still showing card (More than 20 Cards showing)
+ complete account number including IFSC code for linked upi
How did mobikwik get hold of the address ?
And yes all past cards are there even from 2014
Safety Tips
- Disable all International transactions ASAP. They dont need OTP
- Keep biometrics locked in aadhar app
- Check cibil site regularly ( Since Pan and adhaar has been leaked anyone can open a loan in your name)
- Turn on 2FA for Gmail
- Dont answer any phone calls from banks as all your details are in public domain
And pray that these are not sold
Modi is busy looting the states where he has no government he do not give shit to anyone and had a nice vacay in Bangladesh chutiya pm
True bro.. this Modi is shit.. need to bring in Yogi ASAP.
This data breach is quite extensive and potentially problematic.
MobiKwik’s IR team must be working overtime.
The hacker says he’ll take the site and information down if Mobikwik publicly admits about this as they are lying about it since weeks. Until they admit he will not take this down
Picture abhi baki hai yaaron. 😂
Can anyone pm the site
Already in this thread
Aur kisiko kuch link karana hai ye D**K se jaldi karado…
Offer ends soon o.O
*****************************************************************
FYI – * contains cuss words.
@AyushiiiVijay I had to do it.
What’s the use of delete card option if even after deleting our cards, card details are going to save in their database..
Looks like every merchant does the same. Nice way to fool users
I don’t see an option to delete my cards in their app
He has it in bulk
Off topic: What will be IPO price band for this cmp???
5000 to 6000 😂🤣
Mobikwik data breach
All kyc details Card & all other details leaked Do keep a check on bank amount International transactions doesn’t require OTP U can disable international transactions using net banking
@bipin.p.singh201 CEO sahab junta ko jawab chahiye
Hold on your cards then you’ll see cross ❌ option. Then logout and login again
Once the data is saved in the database of any app (even Amazon too), nothing can be done from our end.
Deleting any data by user, is just removing from user’s view.
Mobikwik data breach
All kyc details
Card & all other details leaked
Do keep a check on bank amount
International transactions doesn’t require OTP
U can disable international transactions using net banking
oh🤧 @budhe-baba😓 now you just made @bipin.p.singh201 @bipin_aap feel sad😞!