Data of nearly 35 lakh MobiKwik users allegedly leaked

Mobikwik, one of India’s most prominent digital payments platforms, is facing what has been claimed as one of the largest data breaches of its kind. On Friday, March 26, independent cyber security researcher Rajshekhar Rajaharia informed News18 about a massive data dump on the dark web.

The researcher, who had previously alleged a direct data breach from one of Mobikwik’s servers to have revealed personal and sensitive data of almost 11 crore users earlier in March, shared proof of the Mobikwik data breach that was, and still is, live in a database on the dark web. Hackers who have seemingly exploited the Mobikwik data breach was reportedly selling it for 1.5 BTC (approx.

Rs 63.7 lakh) — which is not a lot of money for a data trove of such scale.

News18 could independently access the 8.2TB data dump, which is still live via a TOR link. The leaked data that has been stored on the database was initially made available for public search, using which users could tally their email addresses and phone numbers that may have been hosted on the allegedly breached Mobikwik servers.