Some media-crazed so-called cyber-security researchers have repeatedly attempted to present concocted files wasting precious time of our organisation as well as members of the media
Independent cyber-security researchers claim that a KYC database of the digital wallet and payments company MobiKwik, containing details of 3.5 million of the company’s users is up for sale on the Dark Web.
MobiKwik, which is reported to plan an initial public offering (IPO) around September this year for raising finance between $200 and $250 million, on Monday, denied claims about the leakage of sensitive data of millions of its users.
The alleged breach includes 8.2TB data containing users’ phone numbers, emails, hashed passwords, addresses, bank accounts and card details, as per tweeted first by an independent cyber-security researcher Rajshekhar Rajaharia and then by French cyber-security researcher Elliot Alderson on Monday.
The company said in a statement, “Some media-crazed so-called cyber-security researchers have repeatedly attempted to present concocted files wasting precious time of our organisation as well as members of the media”.
“We thoroughly investigated and did not find any cyber-security lapses. Our user and company data is completely safe and secure”.
Alderson had tweeted: “Probably the largest KYC data leak in history”.
Rajaharia had earlier claimed, “11 crore Indian cardholder’s cards’ data including personal details and KYC soft copy (PAN, Aadhaar etc) allegedly leaked from the company’s server in India”.
The entire database is available for 1.5 Bitcoin (nearly $84,000) on the Dark Web, according to the researchers.
According to regulatory filings with the Ministry of Corporate Affairs, the reports surfaced as MobiKwik last week raised $7.2 million in a funding round prior to the listing on the stock exchange.
Mobikwik’s post-money valuation currently stands at $493 million with the latest funding round, according to Entrackr.