Sunday, May 5, 2024

Millions of Records Leaked from Indian Payment App

According to the source, a data breach has hit the mobile payment app Bharat Interface for Money (BHIM), leaking the data of millions of users.

This happened because BHIM failed to secure the data it stored, which had been collected from users and businesses in a sign-up campaign.

On April 23, the research team at vpnMentor flagged that data related to the campaign was publicly accessible after being stored in a misconfigured Amazon Web Services S3 bucket.

This is a serious concern: a large volume of data was exposed, affecting millions of people all over India. The exposed data could be used by hackers and cybercriminals for potentially devastating fraud, theft, and attacks.

The exposed documents are confidential records that the BHIM app uses to open an account, such as Aadhaar cards (India’s national ID card), caste certificates, professional and educational certificates, photos used as proof of residence, PAN (Permanent Account Number), which is associated with income tax services, and screenshots of financial and banking apps as proof of fund transfer.

The private personal user data contained within these documents includes names, dates of birth, gender, home address, caste status, religion, biometric details, ID photos, fingerprint scans, and social security services.

In February 2019, around 7 Million records from the dating app and every data belong to the underage 18-year-old.

After investigating further, vpnMentor’s team found around 409 GB of data stored insecurely by BHIM, which operates via the website www.cscbhim.in. The bucket traces back to BHIM as it was labeled “csc-bhim”.

As the researcher mentioned, “many weeks later, we contacted CERT-In a second time”. After that, the breach was closed.

The app was launched in 2016 to facilitate instant e-payments and money transfers between bank accounts via a user’s smartphone. It has been downloaded around 136 million times, according to the non-profit business consortium.

Bipin Choudhary (https://vednam.com)
Bipin has been a passionate blogger for several years. He is a Cyber Security Enthusiast, Security Blogger, Technical Writer. He is always eager to know everything about the latest technology development and advancement. Author @ Vednam
