Top Five Data Breaches That Rocked India

Top Five Data Breaches That Rocked India

There are tons of  Indian businesses of different sizes offering their services online. However, now more than ever, more companies rely on remote services because of the recent coronavirus pandemic lockdown.

The internet is also home to criminal elements looking for the slightest security vulnerabilities to exploit. Unfortunately, data breaches affected some major Indian companies in 2021.

According to experts, the technology infrastructure in India isn’t efficient, and there are not enough laws to protect India’s data privacy. Furthermore, these businesses can lose more customers if they don’t take effective measures to protect users’ data.

According to the Indian Computer Emergency Response Team (CERT-In) report, hackers breached over 26,000 Indian websites in 2020. Also, IBM estimates that companies across 17 regions lost $3.86 million because of data breaches. In this article, we’ll look at the five biggest data breaches in India in 2021.

Five Major Data Breaches That Hit India in 2021

Statistics show that the rate of data breaches in India in 2020 increased by 37% from 2019. Sadly, the rate continues to rise. Here are the five biggest data breaches that occurred in India in 2021 that you need to be aware of:

Air India Data Breach

One of India’s major airline carriers was the victim of a cyberattack early in 2021, March more precisely. Air India disclosed that hackers took advantage of a compromised server to bypass their security and steal data. The incident occurred towards the end of February. The compromised data included the personal information of more than 4.5 million passengers. The affected passengers were those who registered with the company between August 26, 2011, and February 2, 2021. 

The information included passengers’ names, date of birth, contact information, passport information, frequent flyer data, and even credit card details. That’s a lot of information that could lead to devastating effects in the wrong hands.

However, Air India was quick to allay passengers’ fears. It assured them that their CVV/CVC credit cards data were in safe hands. Additionally, the airline maintained that users’ passwords remained protected and safe. However, it suggested that passengers should change their passwords for safety.

According to Air India, its data processor, SITA Passenger Service System (PSS), brought the attack to its notice in late February. However, in the following months, the airline got more details about the data breach.

To contain the situation, Air India quickly became proactive. It secured the compromised servers and reset the passwords for its frequent flyer programs. Additionally, it notified credit card companies and started to investigate the incident.

Domino’s India Data Breach

When it comes to ordering food online, the average person may never imagine that they could be at risk of data theft. However, many people in India now look at things differently. This was after news broke that hackers stole 180 million order details from Domino’s India’s servers.

Alon Gal, CTO of the cybercrime intelligence firm Hudson Rock, tweeted about the data breach on April 18, 2021. He stated that a threat actor was asking for over half a million US dollars for 13TB data stolen from Domino’s India.

The stolen database included customers’ details, including names, emails, home/work addresses, location data, and phone numbers. According to Gal, payment details also got compromised, and hackers stole a million credit cards data. 

Unfortunately, in the weeks that followed, the hackers eventually published the data on the internet. In addition, they created a search engine to allow anyone to access the data through any browser by searching a phone number or address.

The customers affected by this breach were those who had placed orders on Domino’s India mobile platform since 2015. This incident was devastating because people could use the information to spy on people who were affected. Also, the manner through which the hackers got access to Domino’s India’s server was never disclosed.

However, Domino’s India maintained that it didn’t store customers’ financial information throughout the entire ordeal. So, according to the company, it meant that no data breach occurred.

Facebook Data Breach

People around the world are hardly surprised these days to hear that some sort of Facebook data leaked. It’s still not clear why these data breaches continue to happen with the social media company. However, its Indian users have suffered from such incidents. One would expect that a social media platform such as Facebook, where people upload their private details, would employ excellent security apparatus.

In April 2021, Facebook suffered yet another data breach. In this case, Unknown parties stole the data of over 6 million Indian users. This data breach gave the hackers access to sensitive information. Data compromised included Facebook IDs, email addresses, phone numbers, date of birth, past locations, and relationship statuses.

With such information at their disposal, the hackers could have easily impersonated Indian users, sold the data to interested parties or carried out whatever nefarious plans they had. So again, this was a harsh reminder for Indians that the internet isn’t entirely safe.

According to Facebook, the fiasco occured because the hackers found a vulnerability in the company’s contact import tool. People usually use the import tool to find their friends. However, the social media giant claimed that the situation was under control. But for many Indian users, it all felt a little bit too late. It is alleged that the data was posted on a public online forum where anyone could access it.

Mobikwik Data Leak

Mobikwik has grown over time to become one of India’s most popular digital wallet services. With its reputation, many expected that such a platform would be highly secure. However, in early March 2021, cybersecurity expert Rajashekhar Rajaharia revealed that wasn’t the case. He claimed that 110 million Mobikwik users’ data was leaked and put up for sale online.

Other reports revealed that the data breach exposed information such as credit card details, Aadhaar card details,  Know Your Customer (KYC) documents, IP address, GPS location, and other sensitive details.

In the wake of the report, Mobikwik refuted the claims about any data breach, stating that no such incident occurred. The company took to its Twitter account to say that the files circulated didn’t prove a breach occurred. It added that “anyone can create such text files to falsely harass any company.” Mobikwik later released a statement saying that they had thoroughly investigated the claims and they found nothing suspicious.

Eventually, a couple of other cybersecurity experts supported Rajaharia’s claims. However, French cybersecurity expert Robert Baptiste, and Troy Hunt, the creator of haveibeenpwned, insisted that a data breach had actually occurred.

The hackers made the data available for search via a .onion site on the Tor network, which is infamous for illegal underground activities. So, it wasn’t surprising to see that many Indian users tweeted that they had found their personal information on the dark web.

Upstox Data Breach

Upstox is the second-largest stockbroking firm in India. In April 2021, the company suffered a data breach. Upstox announced to its customers that it had been the target of a cyber attack. The company disclosed that the breach compromised their contact and KYC data.

This data breach caused a media frenzy. According to reports, the attack affected over 2.5 million Upstox customers. Cybersecurity experts suggest that some of the information leaked include email addresses, date of birth, passport information, PAN card, and other sensitive data. Additionally, it’s reported that the infamous hacker group ShinyHunters is responsible for the attack.

According to Upstox CEO Ravi Kumar, the data breach occurred due to a compromised third-party data warehouse. In a press statement, Mr. Kumar assured customers that their funds and securities were intact. He added that Upstox had improved its security by implementing new security measures such as ring-fencing its network and a password reset.

It is one thing for data breaches to occur on platforms like Domino’s India and BigBasket. Still, when it involves a fintech platform like Upstox, it becomes clearer that hackers have their sights set on businesses or companies that collect personal information about customers.

However, since Upstox announced the security breach, none of its customers have come forward to complain about their account being compromised. This, in some way, is a great thing because many Indian customers are now aware of the vulnerabilities that can exist with online platforms and can be extra cautious.

Although these incidents mentioned are just the major ones, many other businesses have been affected by data breaches. 

Final Remarks

With the trend of data breaches affecting Indian companies in diverse niches, it is evident that these organizations need to do a whole lot more to protect their customers. There’s no telling how data breaches may occur, but companies should invest in the latest cybersecurity tools and practices to prepare for any occurrence. A sigh of relief is definitely better than “oops!”