Sensitive details of 7 million debit and credit cardholders are available on a public Google Drive document that has been circulating on the dark web.
The leaked database also includes the PAN numbers for 5 Lakh cardholders. Screenshots of the leaked data reveal that the database, sized 2 GB, is on a public Google Drive link.
Sonit Jain, CEO of GajShield Infotech, commenting on the data breach, says,” Availability of such sensitive data on the dark web is a strong proof that enterprises need stricter data handling policies for both internal users and third-party vendors that use these data for outsourced services. We have seen the impact of such information leaks like scammers impersonating digital wallet providers calling for KYC or offering quick loans, easy credit cards etc. only to result in monetary loss of these individuals”.
“While every company pushes for educating its customers on not sharing OTP, CVV, Card and Account number etc., the primary source of such data are the enterprises themselves. It is their approach to data security that these enterprises must consider reworking on and prevent such incidents on first hand. Only with a strict data privacy law, will enterprises look at data security seriously and work towards protecting consumer data”, he added.
The cases of data breach have been on a rise in 2020 and such data leaks surely pose a big threat, not only to the personal information, but also to the finances of a person.
It was recently found that the famous application GoSMS Pro was leaking user data and still didn’t care to fix it. Before that, it was the case of BigBasket that put data of 20 million people at risk. These are just a few amongst the long list of data breaches this year and it needs to stop as soon as possible.