Products
▸
The leak was discovered in April, but was covered only after 22th of May. The compromised details date back to February 2019.
409 GB got breached, including financial records and PAN card details, Aadhaar data, photos. The leaked information makes millions of people vulnerable to various kinds of fraud.
Although National Payments Corporation of India keeps denying the lack of security in the app. BHIM is claimed to store some of their users’ data on a misconfigured AWS S3 bucket therefore allowing for an exposure to occur.
1 million of entries containing CSV lists of merchant businesses with the proprietors’ UPI ID numbers were reportedly among the unprotected data.