The Indian startup Juspay handles payments for online marketplaces, including Amazon.
Juspay suffered a data breach around five months back, and now the investigation has revealed that around 35 million (3.5 crores) Juspay customers have been affected.
It is worth noting that Juspay is among the list of 26 companies that were reported by Hackread.com on January 2nd to have suffered a data breach. Currently, a hacker is selling 365 million user records and that also includes Juspay.
List of the allegedly breached website along with sample data offered by the hacker (Image: Hackread)
Juspay Data Dumped Online
The information stolen at the time is being sold on the dark web. According to security researcher Rajshkhar Rajaharia, sensitive data of around 35 million credit cardholders in India was compromised in the breach.
The researcher took to Twitter to reveal details of the data breach. Rajaharia stated that the compromised data include the name, bank name, and mobile number of the customers whose payment data was stored by the company.
He also shared a screenshot of some of the dumped data.
Juspay Data Breach
Juspay identified unauthorized activity on August 18, 2020. The company was alerted in the early hours of the morning. According to the official statement released by Juspay, the unusual activity was noticed in one of its data stores.
Investigation revealed that threat actors used an unrecycled, old Amazon Web Services access key to access the server. This triggered a ..
Support the originator by clicking the read the rest link below.
