September 26, 2023

Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web.

The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents pulled from the company’s server.

Company reacted “unauthorized access into our database” while stressing that users’ funds and securities remained protected.

As a precaution, besides initiating a secure password reset of users’ accounts, Upstox said it restricted access to the impacted database, implying it was a case of a misconfigured AWS server, in addition to incorporating multiple security enhancements at its third-party data warehouses and ring-fencing the network.

News of Upstox’s security breach comes weeks after an India-based digital wallet service MobiKwik dealt with a major security incident after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on cybercrime forums.

Tags:

Leave a Reply

You may have missed

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023

MGM Resorts and Ceasars Attacks – Lesson Learnt

September 23, 2023

CISA KEV Update September 2023 – Part II

September 23, 2023
%d bloggers like this: