Did you read the story about the data breach in India? Thousands of bank transfer documents were left publicly visible online, unsecured. If that doesn't make you want to check your bank account twice, what will?
How Did That Happen?
UpGuard, a security company, says it discovered the problem last week in August. An Amazon cloud server was set up incorrectly and left open with no password. The exposed data consisted of 273,000 PDF files containing records of real people's bank transfers, including account numbers, transaction details and contact information. That's a lot of dirty laundry just hanging out there!
What Data Was Leaked?
The majority of the leaked data was connected to NACH transactions. NACH is a system banks in India use to automate payments such as salaries, loans, or bills. The breach affected at least 38 banks and financial institutions, including Aye Finance and the State Bank of India (SBI). A check of the available files found that more than 50% of them contain Aye Finance information, and the presence of SBI data shows just how significant the leak was.
What Was Done?
After discovering the data leak, UpGuard contacted Aye Finance and the National Payments Corporation of India (NPCI) to notify them of the exposed information. Unfortunately, by the time it reported the breach, the data had been exposed online for a few days. In the end, after the breach was reported to India's CERT-In, the public server was removed.
Who is Responsible?
Accountability here is a bit murky. NPCI claimed it was secure, but there have been no comments from either Aye Finance or SBI. So it's an uncomfortable situation in which nobody is taking responsibility.
Why Should You Care?
You should. It is concerning to have your financial information exposed, because it could be exploited further. Even if that does not happen, fraudsters can still take advantage. This is simply a reminder to keep an eye on your accounts and the way they are set up online. Banks are not the only ones who have to keep your finances secure; you must keep watch too.
Next time you receive a PDF with bank details or any odd email, at least stop and think about whether to open it before you go ahead.