The personal data of 70 Lakhs Indian cardholders is leaked on the dark web. Cybersecurity researchers have found the flaw and said details like the name of the cardholder, phone number, income, account, email address, and more details were leaked.
Personal Data Including PAN Number of 70 Lakh users Leaked
Rajshekhar Rajahria, a security researcher, said that the leaked database is of around 2GB on the Google Drive link. The link consists of the names of credit and debit cardholders, email address, phone numbers, and it also had details of PAN Card and mobile alerts.
In a statement, Rajshekhar told,
“Data pertains to the period between 2010 and 2019, which could be very valuable to scammers and hackers. Since this is financial data, it is very valuable for hackers and scammers as they can use the personal contact details for phishing or other attacks.”
As per the reports, no card numbers were leaked. Researchers believe that the leak might have come from third-party service providers who are contracted by the banks to sell debit or credit cards. In the leaked database, there are PAN numbers of almost 5 lakh cardholders.
Another report suggests that the data is exposed to the Dark Web, which belongs to Axis Bank employees, Bharat Heavy Electricals Limited, Kellogg India Private Limited, and others. The annual income of these employees is between Rs. 7 Lakhs to 75 Lakhs.
It is not clear whether the data of these Indian users, which is leaked, is genuine or fake. However, the researcher Rajaharia said that he verified most of the users and matched the data provided on the dark web, and he found them perfect.
“I think someone sold this data/link on the dark web, and later it became public. Financial data is the most expensive data on the Internet.”
This is not the first time that the personal data of the users have been leaked. Earlier also we have seen sensitive data of many users were leaked.