HomeCyber Security NewsMobiKwik Wallet: The Biggest KYC Data Leak in the History

MobiKwik Wallet: The Biggest KYC Data Leak in the History


Key Takeaways
  • Independent researchers allege that KYC details of nearly 11 crore Indian MobiKwik users have been leaked on the Dark Web, including high-profile tech company founders' data.
  • The alleged breach contains 8.2TB of data, including phone numbers, emails, passwords, addresses, bank accounts, and card details of users, available for 1.5 Bitcoin on the Dark Web.
  • MobiKwik denies the breach, but users are advised to switch off international transactions, lower domestic transaction limits, and possibly block affected cards to protect their data.

If you have ever saved or used a card on MobiKwik, this news is for you! Independent cybersecurity researchers have alleged that a database containing KYC details of nearly 11 crore Indian users of MobiKwik is leaked on the Dark Web.

MobiKwik: The Biggest KYC Data Leak in the History

It was first tweeted by independent cybersecurity researcher Rajshekhar Rajaharia and then by French researcher Elliot Alderson on Monday. Alderson tweeted “Probably the largest KYC data leak in history” along with a screenshot of the blacked-out leaked data list on the darknet. “Personal data of several high-profile Indian tech company founders were found in the compressed data dump,” Rajaharia said!

It is assumed that the alleged breach includes 8.2TB of data containing phone numbers, emails, hashed passwords, addresses, bank accounts, and card details of MobiKwik users. It also consists of 99 million mail, phone passwords, addresses, and data of other installed apps, IP addresses, and GPS locations.

According to the researchers, the entire breached database is available for 1.5 Bitcoin on the Dark Web. The seller has set up a dark web portal where anyone can search by phone number or email ID and get the results from the 8.2 TB of breached data. It is done to authenticate the data. Also, the seller has promised to delete the data once the payment is made. Back in 2017, we have covered the same story Major Security Flaws on Popular Mobile Wallets (Digital Wallets Scam)

However, MobiKwik has denied any such breach. “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure,” the company said!

Thus, if you have ever used or saved a card on MobiKwik, then you should immediately turn off international transactions while reducing the limit for the domestic transactions. If possible, you must block that particular card.

Nearly 9 crore users below information are leaked ?

1. Mobikwik Account Phone Numbers
2. Your full name
3. Your KYC documents like PAN & Aadhaar
4. E-mail addresses
5. Hashed passwords
6. Debit/Credit Card details
7. Your GPS location
8. Phone model details including IMEI
9. Other apps in your system.
10. Your selfie

Aditya Kashyap
Aditya Kashyaphttps://itechhacks.com
Aditya is a Senior content writer at itechhacks. He likes to cover topics related to How-To, Windows 10, Android, iOS and interesting gadgets. He has over 5 years of experience in tech and troubleshooting.


Please enter your comment!
Please enter your name here