Details of over 37,000 customers registered with financial service provider BharatPay were stolen in a hack. The leaked information, including usernames, passwords, phone numbers, email addresses and UPI IDs, was found on a cybercrime forum. The data also included sensitive information about employees of the company's 32 partner banks. The hack puts the financial information of the 37,000 users at risk of further exploitation through spear-phishing, smishing, ransomware and social engineering attacks.
Details of the API configurations were also stolen, opening the way to further damage, as they would allow access to financial plans, deductions, discounts etc. The stolen data was sold for less than eight credit points on the cybercrime forum.
The partner banks affected by the BharatPay hack include Axis Bank, HDFC, Punjab National Bank, Reserve Bank of India, State Bank of India, and Yes Bank, among others. BharatPay operates in 11 states and has over 50,000 retail outlets.
The investigation found that outdated software still in use made the hack easier for cybercriminals. Researchers from CloudSEK found that an outdated software version from October 2020 was being used. The PHP version of the software was 4.9.7. BharatPay had also continued to use outdated jQuery modules at the 2014 version.
An independent security researcher, Sunny Nehra, said to ET CISO, “The outdated jQuery has prototype pollution and other flaws as well.” A sample banner from the outdated jQuery module reads: “/*! jQuery v2.1.1 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */”.
CloudSEK researchers recommend that companies patch vulnerable and exploitable endpoints and not store passwords in cleartext. They also stress enabling multi-factor authentication as a security measure. Since the hacker may have propagated a Denial of Service (DoS) or remote code execution attack, the researchers ask service providers to scan user accounts for anomalies that could indicate account takeovers.
Mitigation activities have been implemented by BharatPay security personnel and the victims of the BharatPay hack have been informed about the incident.