Such as was discovered by a security researcher, personal information such as email IDs, full names, phone numbers and debit and credit card details of more than 100 million users Juspay have been violated.
If a person has made online payments on any of these platforms and the payment has been processed by Juspay, there is a possibility that their card details will be compromised.
Juspay had announced the breach on 18 August 2020 and in an official statement, insisted that all data of its customers, including PINs, is "secure".
According to Rajshekhar Rajaharia, the researcher who discovered this data on the Dark Web a few days ago, the seller is asking $ 8.000 in Bitcoin for the data.
Η leakage could make cardholders more prone to phishing scams.
According to the payment processing company, the breach was "limited to a single incident" and media reports "appear to exaggerate the incident".
Determining the incident, the company stated that “the violation was limited to an isolated one system containing a non-sensitive encrypted card used primarily for merchant UI display purposes and cannot be used to complete a transaction. ”
Ο Tobby Simon, founder and president of the Foundation Synergy, blamed Juspay for not revealing the breach to customers immediately and characterized the company "extremely irresponsible».
Rajaharia also rejected the company's claims that because only non-sensitive data was violated, there is no danger for customers. According to the researcher, the potential risk of such a breach is high, especially because the card fingerprint data has been breached and if a hacker could gain access to the encrypted algorithm, it would lead to exposure of all card data.