Wednesday, January 6, 2021

100 Million Indian Citizens data for sale on dark Web

Data from around 100 million (100 million) credit and debit card holders in India  is being sold on the dark web. Most of the data on the dark web has been leaked from the server of Bangalore-based Digital Payments Gateway Jasay. Last month, Researcher had claimed that the credit and debit card data of more than 7 million (7 million) users in the country was leaked.

According to the researcher, this data is being sold on the dark web. The leaked data includes the names of Indian card holders along with their mobile numbers, income levels, email ID, permanent account number (PAN) and the first and last four digit details of the card. He has also shared screenshots of it on social media.

Data being sold through bitcoin.

The data is being sold through the crypto currency bitcoin on the dark web at undisclosed prices. Hackers are also making contact via telegram for this data. JusPay follows the industry data security standard (PCIDSS) in storing users' data. If hackers can use a hash algorithm to create a card fingerprint, they can also decrypt the masked card number. In this situation, the account of all 100 million card holders may be threatened.

The company has recognized that the hacker had access to a developer of Juspay. Data leaked are not considered sensitive. Only a few phone numbers and email addresses have been leaked. Nevertheless, the company had informed its merchant partner on the day the data was leaked.