Friday, July 23, 2021

Data Of 10 Million Digital Payments Transactions Leaked On Dark web In Juspay data breach

Must Read

NSA Discovers new critical vulnerabilities in Exchange Servers

The National Security Agency on Tuesday said it had warned Microsoft of several serious problems that criminals could use...

Botnets have been Silently mass-scanning the Web for unsecured ENV Documents

Threat Actors are searching for API tokens, passwords, and database logins generally stored in ENV documents. Drawing little focus on...

DoJ Says SolarWinds Attackers Has accessed its Microsoft O365 email server

Thousands of Department of Justice (DoJ) email accounts were accessed by SolarWinds attackers last year, the department has confirmed. The...

Sensitive information of over 100 million debit and credit cardholders have been leaked on the dark web, a security researcher reported.

Personal details such as email ids, full names, phone numbers, and debit and credit card details of over 100 million users of Juspay has been breached by a hacker who posted the data for sale on the dark web, discovered a cyber-researcher last week.

In what could be a major data breach, information of over 100 million debit and credit card users from payments processor Juspay has leaked on the dark web. Juspay processes payments for companies like Amazon, Swiggy, MakeMyTrip among others.

The Bangalore start-up processes transactions from Amazon, MakeMyTrip, Swiggy, Uber, Airtel, Vodafone Idea, and other well-used applications in India and had announced the data breach in August of 2020.

The leaked data is in the form of a data dump and has been leaked through a compromised server of Juspay. Juspay has confirmed the data leak in its official blog post, outlining the details of the breach.

The breach happened in a data dump which would allow for more online phishing scams. The data dump was discovered in the first week of January by cybersecurity researcher, Rajshekhar Rajaharia, reported NDTV.

 The data leak could make cardholders prone to a phishing scam where users may be conned into revealing private information like OTPs or PINs, said Rajaharia.  

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This