MobiKwik Said to Be Ordered by RBI to Urgently Probe Alleged Data Leak
Home » Smart home » Gadgets » MobiKwik Said to Be Ordered by RBI to Urgently Probe Alleged Data Leak

MobiKwik Said to Be Ordered by RBI to Urgently Probe Alleged Data Leak

posted in: Gadgets 0
MobiKwik has been ordered by the Reserve Bank of India (RBI) to probe allegations that data of over 100 million users was breached and warned the digital payments firm it will face fines if lapses are found, a source with direct knowledge of the situation told Reuters.MobiKwik, which is backed by Sequoia Capital and Bajaj Finance, has faced growing criticism this week for denying a leak many customers and digital rights activists say is linked to the company’s database.

The Reserve Bank of India (RBI) was “not happy” with the company’s initial response and has asked it to act immediately, said the source, who declined to be named as the discussion with the company was private.

Last month, MobiKwik denied the alleged data leak in an emailed statement, “As a regulated entity, the company takes its data security very seriously and is fully compliant with applicable data security laws. The company is subjected to stringent compliance measures under its PCI-DSS and ISO Certifications which includes annual security audits and quarterly penetration tests to ensure security of its platform.” A company spokesperson added that MobiKwik was closely “working with requisite authorities” on the matter and will get a third party to conduct a forensic data security audit, considering the seriousness of the allegations.

“For its users, the company reiterates that all MobiKwik accounts and balances are completely safe,” the spokesperson said.

However, independent security researchers have claimed that the data — over 8.2TB in size — has been put on sale on the dark Web for quite some time now. Gadgets 360 was first informed about the alleged data breach in February. The hackers group, that allegedly had access to the data for months, has now made it accessible through a search engine that suggests some of the leaked data elements — including the names, phone numbers, and email IDs of millions of affected users.

Source link

Leave a Reply