Open in app

Sign in

Write

Sign in

Timeline of Orphan/Unclaimed data of 10 Crore Indian Card Holder Including KYC

Rajshekhar Rajaharia
4 min readApr 2, 2021

--

10 Crore Indian Cardholder’s Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked

24th Feb 2021 10:16 AM (Unknown TimeZone) - DarkWeb Forum

25th Feb 2021 10:10 AM (IST) — Discord Group By Hacker

Jordandaven — The Hacker who leaked data
Hacker — Unknown member of this group (might be a buyer)

Sample Data shared in this group Seems to be MobiKwik (25th Feb 1:20 PM IST)

25th Feb 2021 1:34 PM IST — I alerted Mobikwik Founder

25th Feb 2021 Around 2:30 PM — Hacker Posted He lost access to main company servers.

No responce till today.

26th Feb 2021 9:06 PM — Posted on twitter that there is a massive data leak

27th 2021 12:39 AM IST — After my tweet CERT-IN asked complete details

1st March 2021 1:39 PM IST — I also found and reported a BUG to mobikwik

1st March 2021 5:48 PM IST — Mobikwik denied in just 4 Hour.

(In Just 4 hour they Denied me and later Fixed/Deleted infected API to remove evidence)

1st March 2021 6:13 PM IST— My reply to MobiKwik

(Later on 4th March I informed about this issue to CERT-IN also)

4th March 2021 12:21 PM IST — Hacker again shared a new Sample

I immediately informed Mobikwik and Cyber Police Station too

Still No Responce from Mobikwik

4th March 2021 5:07 PM IST — I again alerted CERT-in about this new Sample including above

CERT-IN Registered complaint immidiately

4th March 2021 8:27 PM IST — Mobikwik posted on Twitter that they will take strict legal action (without name)

5th March 2021 5:20 AM — Linked Deleted my Post related to Massive Data Leak (There was no company name)

5th March 1:39 PM IST — Also informed to RBI, Government, CERT-IN, PCI and Concerned Departments (Mailed them complete details till 5th march)

9th March 2021 — Twitter Locked My account and Deleted my tweet

12th March 2021 6:45 PM IST — Got a mail from Twitter (Mobikwik complaint to twitter)

27th March 2021 09:31 AM — Hacker Posted Complete Mobikwik Data on Darkweb and Created a Search Engine of 10 Crore Indian Card Holders Data

31st March 2021 3:56 PM IST — Twitter Again Deleted my Tweet and Locked my account for 12 Hour

Mobikkwik never replied to me till today.

Mobikwik
Mobikiwk Data Leak
Mobikwik Data Breach
Monikwik Leak Timeline
Mobikwik Leak

--

--

Rajshekhar Rajaharia

Written by Rajshekhar Rajaharia

53 Followers

I am a Entrepreneur, Security Researcher & Growth Hacker. https://www.rajaharia.com/

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams