Is MobiKwik safe

MobiKwik denies 8.2 TB data breach from their server

Mobikwik, a digital financial services platform from India, denies the fact that over 8 TB of their data in their database on their server has been stolen.

Last month, cyber security researcher Rajshekhar Rajaharia tweeted what he found. According to it, a threat actor has been selling a database of confidential information that was stolen from Mobikwik after a hack that led to access to the company's server since January 2021.

This time around, the privately owned fintech platform got the answer that this was all the Rajaharia's goal of "getting media attention". The company also said, "User and company data is completely safe" because an investigation "found no security breaches".

MobiKwik added that its "legal team will take strict action against this so-called researcher who is trying to slander our brand reputation for ulterior motives."

The allegedly stolen data includes all of the personal and financial information, including addresses, phone numbers, emails, and hashed passwords, of over 100 million people, their bank accounts and card information of approximately 40 million users. The database also contains around 3.5 million Indian KYC data.

The threat actors provided users with a search portal through which they can search whether their data is on the list of stolen data. However, this portal has been removed due to the increased traffic.

Today the company again denies that the data breach occurred on its server. According to the company, the users searching for their data on the search portal provided by the threat actor may have uploaded their data to the dark web themselves.

Mobikwik said: “Some users have reported that their data is visible on the dark web. As we investigate this, it is entirely possible that each user has uploaded their information to multiple platforms. Hence, it is incorrect to point out that the data available on the dark web was accessed by MobiKwik or an identified source. "

“The company is working closely with the required authorities and is confident that the security protocols used to store sensitive data are robust and have not been breached. Given the gravity of the allegations and with great caution, it will induce third parties to act, MobiKwik added that it is a forensic audit for data security.

The company reassured the customizers that their accounts are secure and that their financial information is stored in encrypted form.