As much as 8.2 terabytes of data leak have allegedly occurred in MobiKwik servers where the KYC data of hundreds of thousands of its users has surfaced on the dark web.
This development comes in the wake of MobiKwik announcing its plans to go for IPO in September.
The hacker, who allegedly has access to the entire database, is willing to sell the entire chunk for 1.5 bitcoins, which amounts to around $84,000.
The data on sale includes a total of 350 gigabytes of MySQL dumps that include 500 databases.
It also consists of 99 million mail, phone passwords, addresses, and data surrounding installed apps, IP addresses, and GPS locations, among others.
The leak also gives access to 40 million 10-digit card numbers with month, year, and card hash.
This also includes databases surrounding company data.
However, MobiKwik in a statement dismissed reports of any breach.
“Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure,” Mobikwik said.
This alleged data breach was first highlighted by French white hacker and security researcher Elliot Anderson via a screenshot on his Twitter earlier today.
Earlier in the first week of March 2021, an Indian cybersecurity researcher Rajshekhar Rajaharia had revealed the alleged Mobikwik’s data leak.
