Upstox joins the spree of tech companies that have leaked their customer details due to a data breach. The Indian stockbroking firm has released an announcement this evening describing a possible data breach and suggested measures to secure user accounts. It claims to have tightened its infrastructure after being recommended by a cybersecurity firm.
Upstox Data Breach Leaking Customers’ PII
Upstox is the second-largest Indian stockbroking firm in terms of active clients. Earlier today, an independent security researcher named Rajasekhar Rajaharia has pointed out a data breach relating to Upstox, that has leaked the sensitive information of 2.5 million customers online.
Rajaharia has earlier disclosed a data breach at MobiKwik and now shared that a ransomware group called ShinyHunters breached the Upstox server, and leaked over 56 million KYC of their customers. The leaked data include customers’ Names, Email, DOB, PAN, Bank Details, and KYC information like their Passport, PAN, Cancelled Cheque, Sign Pics, etc.
Again Huge KYC Leak!! approx 2.5 Million @upstox Users Including 56 Million KYC files alleged leaked by ShinyHunters from UpStox Server. Data Including Name, Email, DOB, PAN, Bank Details, KYC(Passport, PAN, Cancelled Cheque, Sign Pics etc.) #infosec #GDPR #databreach pic.twitter.com/IZQIWVD0MM — Rajshekhar Rajaharia (@rajaharia) April 11, 2021
