Juspay, the Payment Platform of Leading Online Merchants Amazon and Swiggy Suffers Data Breach

Juspay, the Payment Platform of Leading Online Merchants Amazon and Swiggy Suffers Data Breach
Juspay, the payment processor of prime online merchants like Amazon and Swiggy was hit by a massive data breach and now more than ‘3.5 Crore users critical card information is available for sale on the dark web’. Rajshekhar Rajaharia an independent cybersecurity researcher spotted the whole incident when an anonymous person put the stolen database for sale on the dark web and was trading via telegram. 

Juspay witnesses nearly 650k transactions per day and is an ally of leading online giants like Amazon, Swiggy, BookMyShow, MakeMyTrip, Snapdeal, Freecharge, and Yatra. The company’s data store suffered a data breach in August 2020 which compromised 3.5 Crore records. 

The screenshots of sensitive information of cardholders which includes the last four digits of the card, bank name, expiry month, and year are floating around the dark web. Juspay asserted no sensitive information regarding user card numbers or bank information is breached. 

Juspay, a Bangalore-based company acknowledged in their statement that “An old unrecycled AWS access key was exploited and that enabled the unauthorized access. An automatic system alert was triggered due to a sudden increase in the usage of the system resources on the data store. Our incident response team immediately engaged and was able to trace the intrusion and stop it. The server used in the hack was terminated and the entry point for this intrusion was sealed”. The company also asserted that the company does not store the critical information like PINs, Passwords or CVV and therefore the data was not breached. 

Juspay claimed that only non-sensitive information like the user masked card data and card fingerprints was leaked and no critica ..

Support the originator by clicking the read the rest link below.