Five Biggest Data Breaches That Hit India in 2021

From Air India to Juspay, a look into the biggest data breaches that have occurred so far in 2021.

With the onset of the pandemic, many companies had to overhaul operations overnight. As several companies made a quick transition to remote working, they were unprepared to deal with security lapses. Consequently, cybercriminals exploited the vulnerabilities, and data breaches rose steadily in India.

“Indian startups run a huge risk of data breaches given gaps in technology infrastructure and evolving practices of cyber laws,” IvyCap Ventures Founder and Managing Partner Vikram Gupta said.

“Startups focused on large consumer bases run the risk of losing trust from their customers if they don’t take proactive measures to prevent this,” he added, noting that laws have to be “strengthened further.”

According to the Indian Computer Emergency Response Team (CERT-In), more than 26,100 Indian websites were hacked in 2020. In one of the biggest data breaches last year, the personal information of over 20 million customers of Bigbasket, India’s leading online grocer, was sold on the dark web.

A 2020 report by IBM estimates that data breaches resulted in a loss of $3.86 million on average across the 17 geographies surveyed last year.

This year too, cases of data breaches are on the rise. Here’s a look at the five biggest data breaches that made headlines in 2021.

Air India data breach

Impact: 4.5 million passenger details

Last week, India’s flag carrier airline Air India announced that the personal data of about 4.5 million passengers had been compromised following a cyber attack on its servers. The breach compromised the information of passengers who had registered with the airline between August 26, 2011, and February 3, 2021, Air India said in a statement.

The stolen data included passengers’ names, dates of birth, contact information, credit card details, passport information, Star Alliance and Air India frequent flyer data, and ticket information.

However, in the statement, Air India added that CVV/CVC data of credit cards were not held by its data processor. While passwords weren’t accessed, the airline urged passengers to change their passwords “to ensure safety of their personal data.”

Air India said that SITA passenger service system (PSS), the airline’s data processor, had first flagged the airline about the attack in late February. However, the details of the compromised data were only provided in the following months.

In the statement, the airline also said that it took a number of immediate steps to “ensure safety of the data.” These steps included securing the compromised servers, investigating the incident, notifying the credit card issuers, engaging external data security specialists, and resetting the passwords of Air India frequent flyer programs.

Domino’s India data breach

Impact: 180 million order details

In a massive data breach, 180 million order details were stolen from Domino’s India’s database. The news of the breach was first shared by Alon Gal, Co-Founder and CTO of cybercrime intelligence firm Hudson Rock.

In a tweet on April 18, Gal stated that a “threat actor” claimed to have hacked Domino’s India and stolen 13TB (terabytes) of data. The leaked information included order details such as names, emails, addresses, GPS location, and phone numbers. Payment details, including information on 1,000,000 credit cards, were also stolen, Gal said.

Alarmingly, last week, the hackers made the details of the leaked orders public. Usually, when a data breach occurs, the data is circulated only on the dark web. However, in Domino’s case, the hackers created a search engine that is accessible on any browser. This essentially means that anybody can pull details such as a user’s location if they search for a phone number or an email address.

Sharing the details in a tweet, cybersecurity researcher Rajshekhar Rajaharia wrote, “The worst part of this alleged breach is that people are using this data to spy on people.”

“Anybody can easily search any mobile number and can check a person’s past locations with date and time. This seems like a real threat to our privacy,” he added.

The breach seems to have affected users who ordered from Domino’s India online or via phone between 2015 and April 2021.

Following the reports of the breach last month, a Domino’s India spokesperson had said, “As a policy we do not store financial details or credit card data of our customers, thus no such information has been compromised.”

The company is yet to comment on the recent developments.

Juspay data leak

Impact: 100 million user accounts

The records of 100 million users of Bengaluru-headquartered payments processor Juspay were leaked on the dark web through a compromised server of the company. Juspay processes payments for tech companies such as Amazon, Flipkart, Swiggy, and Uber, among others.

The data was first spotted by Rajshekhar Rajaharia on the dark web in early January. The leaked database contains 16 different details corresponding to users’ payment cards. This includes the card brand, expiry date, the masked card number, card type, the last four digits of the card, customer ID, and merchant account ID.

Later, in a blog post, Juspay wrote that the cyberattack had occurred on August 18, 2020. It added that 35 million records with masked card data (which is non-sensitive information) and card fingerprint were breached. Additionally, a part of the company’s metadata, which contained non-anonymized email IDs and phone numbers, was also compromised. Juspay added that as it does not store details such as CVV, PINs, or passwords, these were secure.

However, Rajaharia claimed that, based on the information he came across on the dark web, 100 million email IDs and phone numbers, along with 45 million card details, were leaked.

“On 3 January, I came across a seller on the dark web selling two files of data, one with email addresses and mobile numbers of 100 million customers, while the other had stored card data of 46 million transaction details,” he told CNBC.

Upstox data breach

Impact: 2.5 million customer data

Last month, Indian stockbroking firm Upstox alerted its customers of a data breach that compromised users’ contact and Know Your Customer (KYC) data.

According to media reports, the breach affected the personal data of 2.5 million customers. Rajaharia noted that the leaked KYC details included data such as date of birth, email, passport, PAN card, and more. The hacker group ShinyHunters is believed to be behind the breach.

“We would like to assure you that your funds and securities are protected and remain safe,” Upstox CEO Ravi Kumar wrote in a statement. He added that the company also initiated a password reset.

Following the attack, the company took several steps to enhance security, especially at the third-party warehouses. This included additional ring-fencing of its network and real-time 24×7 monitoring.

MobiKwik data leak

Impact: 110 million user details

The data of around 110 million users of mobile wallet and payments app MobiKwik was reportedly on sale on the dark web. This breach was also first reported by Rajaharia in early March.

The leaked data includes information such as credit card details, mobile phone numbers, Aadhaar card details, IP address, GPS location, and more. However, MobiKwik denied the claims about the breach.

“Our user and company data is completely safe and secure,” MobiKwik claimed in a tweet. “The various sample text files that he has been showcasing prove nothing. Anyone can create such text files to falsely harass any company.”

Later, in a statement, the company added that they “thoroughly investigated” the breach and “did not find any security lapses.”

However, several others, including French cybersecurity expert Elliot Alderson and Australian web security researcher Troy Hunt, also corroborated Rajaharia’s claims.

The data was reportedly available for search via a link (now disabled) using the Tor browser. Several users had also tweeted that they found their personal information through the link.

Amid the increasing instances of data breaches in India, security experts have called for better cybersecurity measures by organizations.

“Organisations handling end-user data should be investing more in cybersecurity solutions and practices that will enhance their security posture,” Prakash Bell, Head of Customer Success, India & SAARC, Check Point Software Technologies, told The Indian Express.

“In today’s digitalized world, protecting end-customer information is vital,” he added.

Header image by Sora Shimazaki from Pexels

