In a startling revelation, the personal details of almost 70 lakh Indian debit and credit card users have been leaked on the dark web, most of the details including phone numbers and email addresses, an internet security researcher alerted on 8 December. Also Read - Dark Web Alert! Domino's India data of 180 million orders leaked online
Security researcher Rajshekhar Rajaharia said that details like names of the users, employer firms and annual income also seemed to have been leaked. Also Read - Air India server hacked, personal data of 45 lakh passengers leaked in massive cyber attack
The total size of the leaked database is around 2GB which also reveals the types of accounts and whether these users have switched on mobile alert services or not. Also Read - Almost 60 percent of internet users in India fell prey to hacking in the last 1 year: Report
“Data pertains to the period between 2010 and 2019, which could be very valuable to scammers and hackers,” Rajaharia told IANS in a statement.
“Since this is financial data, it is very valuable for hackers and scammers as they can use the personal contact details for phishing or other attacks,” he said while sharing a screenshot of some leaked data.
What is reassuring is that the report also mentions that no card numbers have been leaked.
Researchers at the security firm believe that the leak could have come from third-party service providers who are contracted by the banks to sell credit/debit cards to customers. They have also said that the leaked database also includes PAN numbers for almost 5 lakh cardholders.
One can also question the accuracy of the data that has been leaked. Researchers have not been able to verify whether the data of 70 lakh users are genuine or not, however, they have found that some of the details mentioned in many of the fields seem to be accurate.
“I think someone sold this data/link on the dark web and later it became public. Financial data is the most expensive data on the Internet,” Rajaharia said.
Cybersecurity incidents have been pervasive and a persistent problem for many organizations around the world amid the pandemic.