POST Online Media Lite Edition


Financial records of over 7m Indian citizens exposed in data leak

Christian Fernsby |
Over 7 million incredibly sensitive financial data records belonging to millions of Indian citizens were exposed when data related to India’s mobile payments app BHIM was stored on a misconfigured Amazon Web Services S3 bucket that was publicly accessible.

Article continues below

Topics: INDIA    DATA LEAK    

The massive exposure of financial data records of Indian citizens was discovered by security researchers Noam Rotem and Ran Locar at vpnMentor who found that the exposed data was related to a new campaign launched by the Indian government to encourage millions of people and business merchants to sign up to the mobile payments app.

The data exposure rendered millions of people across India vulnerable to potentially devastating fraud, theft, and attack from hackers and cybercriminals, the researchers warned.

The misconfigured AWS S3 bucket was unearthed when the researchers were carrying out a huge web mapping project to examine IP blocks and test various systems for weaknesses or vulnerabilities.

These 7.26 million exposed records included scans of Aadhar cards, scans of caste certificates, professional certificates, degrees, and diplomas, screenshots taken within financial and banking apps as proof of fund transfers, permanent Account Number (PAN) cards, and photos used as proof of residence.

What to read next

Iran releases 21 Indian fishermen
Indian warships to stay longer in Persian Gulf to protect merchant ships
Pakistan Navy claims it blocked Indian submarine