The hype around MobiKwik’s data leak has taken a new turn today after several independent researchers are reporting they’ve found the leaked dump. As per them, the database containing 11-crore Mobikwik users is now available on the dark web for free, and many are checking whether their record is listed.
MobiKwik Data Dump in Dark Web
Earlier this month, we’ve covered a story of MobiKwik where it’s alleged to have leaked about 11-crore of its users’ database. This was pointed out by an Indian independent researcher named Rajshekhar Rajaharia, who said that a hacker had access to MobiKwik’s dump via a leaking server since January this year.
While MobiKwik immediately refuted his claims and even warned about filing a case against this report, it seems to be the incident is real and should get attention. This is because several other independent researchers are now reporting a dark website that listed out all the leaked records from the MobiKwik dump!
Probably the largest KYC data leak in history. Congrats Mobikwik… pic.twitter.com/qQFgIKloA8
— Elliot Alderson (@fs0c131y) March 29, 2021
This was reported initially by Elliott Alderson, who earlier called for weak security in Aadhar and Aarogya Setu app. Now, he tweeted about a site that’s letting visitors make a free search throughout the MobiKwik database, which’s claimed to be from the earlier hack.
The breadth of the database is unknown yet, but it’s reported to be 8.5TB and has KYC details of all MobiKwik’s registered users. KYC includes PII and also the images of users, which are sensitive. And since it’s interesting, many have started asking for the dump’s URL and the ones who’ve got are selling to others for a price!