Biggest Cyber Attacks in India
1. Domino's India
2. Upstox data breach
3. MobiKwik data breach
4. Air India data breach
5. COVID-19 Results Database
1. Domino's India
Domino's India Faces Cyber Attack; Data Of 18 Cr Orders, Including Personal Info, Leaked. Nearly a month after a large data leak, Jubilant FoodWorks - which runs Domino's India - has faced another cyberattack with personal info being leaked.
Nearly a month after an enormous data leak, Jubilant FoodWorks - which runs the chain of Domino's India outlets - has faced another cyberattack, this time with customers' personal information being leaked. The incident came to light after cybersecurity researcher Rajshekhar Rajaharia claimed that data of 18 crore orders placed with Domino's India has been made public by a hacker on the dark web. The data includes names, e-mail addresses, mobile numbers and GPS locations, amongst others.
Rajaharia has alleged that with consumers' data leaked on the dark web, anyone can easily search any mobile number and check that person's past locations with date and time.
Meanwhile, Jubilant FoodWorks has admitted to the data breach, but maintained that customers' financial information remains safe. Stating that it experienced a 'security incident', the company has said that it has not resulted in any operational or business impact. The company claims that the financial data of consumers, including credit card data, remains safe because it doesn't store these details.
"Jubilant FoodWorks experienced an information security incident recently. No data per the financial information of somebody was accessed and therefore the incident has not resulted in any operational or business impact," PTI quoted the official statement by Domino's India.
2. Upstox Data Breach
Upstox, one of the largest discount broking firms, recently suffered a security breach of its systems, resulting in the exposure of its customers' sensitive information. Though Upstox did not specify how many of its users' data was compromised, media reports suggest the data of at least 25 lakh customers was breached.
Popular discount broker Upstox has suffered a large data breach that has exposed some important data like Aadhaar, PAN and checking account numbers, aside from other personally identifiable information like mobile numbers and email addresses.
Upstox is a Delhi-based discount stock broker that lets its customers buy and sell shares. It is backed by Tiger Global and has over 1 million customers.
“We have upgraded our security systems manifold recently, on the recommendations of a worldwide cyber-security firm. We brought within the expertise of this globally renowned firm after we received emails claiming unauthorised access into our database,” Upstox said on its website, reacting to reports of the data breach.
The company said that despite the data breach, the funds and shares of its customers are safe. This is for two reasons – funds in your Upstox account can only be withdrawn to the linked checking account, and the shares are held with the depositories – either Central Depositories Services India Ltd (CDSL) or National Securities Depository Ltd (NSDL) – and not with Upstox.
That said, Upstox users have other things to worry about. Security researcher Rajshekhar Rajaharia, who had earlier tipped Business Insider about the Juspay and MobiKwik data breaches, told us that the Upstox data breach includes Aadhaar, PAN, passport, checking account numbers, mobile numbers and even photos of signatures.
3. MobiKwik Data Breach
The alleged data breach of 3.5 million users at IPO-bound fintech unicorn MobiKwik is under RBI's scanner. The company has submitted a forensic audit report detailing the data breach, the RBI said in response to a right to information (RTI) petition filed recently.
MobiKwik said on Tuesday it was investigating claims of a data breach after a website claimed to have exposed private information of nearly 100 million users of the Indian mobile payments startup.
Over the weekend, a site on the dark web claimed it had 8.2 terabytes of MobiKwik user data. The data included phone numbers, email addresses, scrambled passwords, transaction logs and partial payment card numbers.
The website also claimed that it had “know your customer” (KYC) documents (government-issued Aadhaar card or PAN ID) of 3.5 million users, and every visit to the website displayed four random images from the data dump. KYC documents are required in India for users who want to access certain services without any limitations. Local law requires a mobile wallet firm in India, for example, to support monthly transactions exceeding a specific limit.
The dark web site features a searchable database that enables users to look up their telephone number or email to verify the authenticity of the data breach claim. TechCrunch was able to verify the accuracy of the data in several cases.
A seller on a well known cybercrime forum claims to be selling access to the database for 1.2 bitcoin — about $70,000.
The Sequoia Capital India-backed startup says it can’t yet prove whether the data actually belongs to MobiKwik users. “It is wrong to suggest that the info available on the darkweb has been accessed from MobiKwik or any identified source,” the startup wrote in a blog post.
However, a screenshot leaked to TechCrunch shows a MobiKwik official asking an Amazon representative last month for logs relating to its cloud service after the startup “came to understand that our S3 [cloud storage] data is downloaded by another person outside the organization.”
The startup said its legal team will take “strict action against the so-called security researcher.” Rajaharia told TechCrunch that it’s his right as a user to know if his financial data is safe, and added that he doesn’t have the resources to fight legal battles.
MobiKwik said it was working closely with authorities and was confident that security protocols to store sensitive data are “robust and haven't been breached.” It added that it was getting a third party to conduct a forensic data security audit. “We are committed to a secure and secure Digital India.”
This comes after MobiKwik on Tuesday, 30 March, said it would initiate a forensic data security audit. “The company is closely working with requisite authorities on this matter, and considering the seriousness of the allegations will get a third party to conduct a forensic data security audit,” a MobiKwik spokesperson had said on Tuesday.
This data breach is claimed to have been done by a group of hackers called the ‘Ninja_Storm’ who have been selling the ‘leaked’ data online since 26 March. According to a post by the hacker group, the data was being sold at 1.5 Bitcoins, which is nearly Rs 63 lakhs.
4. Air India data breach
Air India has been sued by a flyer over the recent personal data leak of 4.5 million customers. Ritika Handoo, a journalist from Delhi, has sought damages of Rs 30 lakh from the airline for the breach of data. She has termed the breach a violation of her "right to be forgotten and informational autonomy".
Air India has admitted to a large data breach that compromised the private data of about 4.5 million passengers.
The breach, confirmation of which comes two months after SITA's Passenger Service System (PSS) was hacked, affected customers who registered between August 2011 and late February 2021, Air India said in a statement. Compromised data includes customers’ names, dates of birth, contact information, passport information, frequent flyer data and credit card data, although CVV/CVC numbers weren't included.
Passwords weren’t accessed by the hackers, Air India added, although it’s urging all customers to change their passwords as a precaution.
The airline said it first learned of the incident on February 25, but only learned the identities of affected passengers on March 25 and May 4.
"This is to tell that SITA PSS our information processing system of the passenger service system (which is accountable for storing and processing of non-public information of the passengers) had recently been subjected to a cybersecurity attack resulting in personal data leak of certain passengers," Air India said in a breach notification sent over the weekend.
The airline said it has taken steps to ensure data safety, including “investigating the information security incident; securing the compromised servers; engaging external specialists of knowledge security incidents; notifying and liaising with the mastercard issuers, and resetting passwords of Air India FFP program.”
However, Air India customers are unlikely to be the only victims of the SITA hack. The company told Bleeping Computer in a statement that customers from several airlines were affected, including travelers who flew with Air New Zealand, Cathay Pacific, Finnair, Jeju Air, Lufthansa, Malaysia Airlines, SAS and Singapore Airlines.
“By global and industry standards, we identified this cyber-attack extremely quickly. The matter remains under active investigation by SITA,” the company said.
“Each affected airline has been given the main points of the precise variety of data that has been compromised, including details of the amount of knowledge records within each of the relevant data categories, including some personal data of airline passengers.”
5. COVID-19 Results Database
Personal data of thousands of individuals in India has been leaked from a government server, including their name, mobile number, address and Covid test result, and this information is accessible through online search.
The leaked data has been put up for sale on the Raid Forums website, where a cyber criminal claims to possess personal data of over 20,000 people. The data placed on Raid Forums shows the name, age, gender, mobile number, address, date and result of the Covid-19 report of those people.
Cyber security researcher Rajshekhar Rajaharia also tweeted that personally identifiable information (PII), including names and Covid-19 results, has been made public through a content delivery network (CDN).
He said that Google has indexed lakhs of information from the affected system. “PII including Name, MOB, PAN, Address etc of #Covid19 #RTPCR results & #Cowin data getting public through a Govt CDN. #Google indexed almost 9 Lac public/private #GovtDocuments in search engines. Patient’s data is now listed on #DarkWeb. Need fast deindex,” Rajaharia said in his tweet.
An email query sent to the Ministry of Electronics and IT failed to elicit any reply. The sample document shared on Raid Forums shows that the leaked data was meant for upload on the Co-WIN portal.
The government has heavily relied on digital technologies in terms of controlling and creating awareness about the Covid-19 pandemic as also its vaccination programme.
Several government departments mandate people to use the Aarogya Setu app for Covid-19 related services and information. Rajaharia, in a follow-up tweet on January 20, said that he is not reporting any vulnerability in this incident but cautioning people to stay alert to fraud calls, offers associated with Covid-19, etc. that they may get as their data is being sold on the dark web. Data sold on the dark web is usually exploited by cyber criminals and fraudsters for various kinds of fraud.