MobiKwik & The Increase In Data Breaches In India

A look at what is said to the “largest KYC data leak in the history”.

What’s New?

We’ve all been hearing about the alleged data breach that happened in MobiKwik. However, this didn’t happen a couple of days ago. The allegations about the company’s data being stolen has been making rounds since February.

The Initial Claims

Earlier in February, Rajshekhar Rajaharia, an internet security researcher, claimed that MobiKwik’s data has breached twice this year. He also said the hacker had access to MobiKwik’s server since January and added that Reserve Bank of India should probe the matter. He brought up this matter again on March 4.

Rajaharia said the hacker still has access to MobiKwik’s data and backup was allegedly taken on 20th January 2021. However, MobiKwik denied all these claims. The company said that they have thoroughly probed his allegations and did not find any security breaches.

The Recent Tweet

If that was the end of the story, then why are we talking about it now? Because of Elliot Anderson. This matter resurfaced because Anderson, who is a French cybersecurity researcher, tweeted about it with screenshots. He called it as “Probably the largest KYC data leak in history.” The screenshot said that the KYC details of nearly 35 lakh people have been exposed along with over 9.9 crore user phone numbers, emails, hashed passwords, addresses, bank accounts and card details etc.

Breaches Everywhere

What is happening at MobiKwik is not something new. India has been seeing an increase in the number of data breaches in the past few years. The national cybersecurity agency says that cyberattacks have jumped from 53,117 in 2017 to 2,08,456 in 2018, 3,94,499 in 2019 and 11,58,208 in 2020. In December, there were reports of personal data of 7 million Indian cardholders being leaked on a public Google Drive link.

Another important thing to note is that the cost of data breaches is also increasing these days. A report commissioned by IBM Security and conducted by the Ponemon Institute said the average total cost of a data breach in India hit ₹14 crore in 2020, which is a jump of 9.4% from last year. The report added that the cost comes to ₹5,522 for a single lost or stolen record, a surge of 10% from 2019.

The Need Of The Hour

As cyberattacks continue to rise in India, what can be done to curb these attacks? When we get to the core of the problem, we can understand that it is because of the lack of a strong mechanism for the protection of user data in India. The Personal Data Protection Bill, which is said to consist of provisions to deal with this kind of data breaches in pending in Lok Sabha since 2019. So, the government needs to form frameworks to protect the personal data of the country’s citizens.

The other thing that companies have to do is inform users if any breach has happened. With the case in MobiKwik, the company continued to deny claims of security breaches in the beginning. But now, the company has said that it will get a third party to conduct a forensic data security audit. When reports about data breaches, companies can do a thorough sweep on their security system to make sure that the user data is protected. If any breach has happened, they should inform the users promptly as well.

In the meantime, if you are a MobiKwik user, you can update your account’s password as well as the passwords to email addresses, setup two-factor authentication including OTPs and fixed passcodes, wherever possible.

Head to moneyguru’s Insight section to stay updated on all major financial news updates of the day!




Your Best Direct Mutual Fund Investing Experience Begins Here. Invest, Read and Track — at one place & for free! vist us at:

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How SSL works?

New Wheels on the CAR: Updates to the Cyber Analytics Repository

NFT Smart Contract Analysis — PXN: Ghost Division

Skyrim Finance — Testnet Launch & Bug Bounty Program

TezID v2.0

Safe or Malicious? Learn the Common Techniques of Cybercriminals and How to Avoid Dangerous Apps

How to Secure Your Home With A Security Camera?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Your Best Direct Mutual Fund Investing Experience Begins Here. Invest, Read and Track — at one place & for free! vist us at:

More from Medium

Unlocking the power of data for net-zero

Starbucks Capstone Project

What skills should I add to my arsenal?

Finding an Internship in Financial Planning