Moneycontrol PRO
Upcoming Event:Attend Algo Convention Live, 2 Days & 12+ Speakers at best offer Rs.999/-, exclusive for Moneycontrol Pro subscribers. Register now!
you are here: HomeNewsBusiness

Financial data of 3.3 lakh Indian cryptocurrency users potentially leaked to dark web: Report

The company BuyUCoin on the other hand has denied the breach and said it had conducted “routine testing with dummy data” in mid-2020.

January 22, 2021 / 08:55 AM IST
Representative image

Representative image

Financial information of 3.3 lakh Indian users of Cryptocurrency Exchange Company BuyUCoin have been leaked to the dark web by a hacker group called ShinyHunters on January 20, independent cybersecurity researcher Rajshekhar Rajaharia alleged.

Information includes sensitive data such as bank account details (account type, bank IFSC code), email addresses, KYC documents, PAN numbers, and phone numbers, accessed through an alleged “breach in database” of BuyUCoin, the Times of India reported.

Moneycontrol could not independently verify the report.

BuyUCoin on the other hand has denied the breach and said “reports of 3.5 lakh users being compromised is incorrect.” It added that the company itself conducted “routine testing with dummy data” in mid-2020.

“We faced a ‘Low Impact Security Incident' in which non-sensitive, dummy data of only 200 entries were impacted. We would like to clarify that not a single customer was affected,” the company said.

Close

But Rajaharia said ShinyHunters was behind the leak and also shared screenshots of the data dump with the paper. Notably, this particular hacker group had previously claimed responsibility for the Juspay data breach and has so far put 6GB of data of Indian crypto users on the ark web for free.

The data leaked was collected by BuyUCoin to facilitate the purchase of cryptocurrencies.

Cryptocurrencies are unregulated in India, Rajaharia pointed out, adding that since the data leaked is sensitive and can be used by the hackers to transact in cryptocurrency, “the onus is on the firm to inform its users that there has been a breach.”



Download your money calendar for 2022-23 here and keep your dates with your moneybox, investments, taxes

Moneycontrol News
first published: Jan 22, 2021 08:55 am
Sections
ISO 27001 - BSI Assurance Mark