As each day passes by, we have more and more data breaches across the globe. This is especially true for India. Compared to the first quarter of 2019, the country witnessed 37 per cent more data breaches in 2020, as per a study conducted by IBM. The study also revealed that the average total cost to an Indian company for a data breach is Rs 14 crores last year. With each new data leak, users are at risk as personal and sensitive information becomes available to third parties on the internet for nefarious use. 2021 seems to be another bad year for India as far as data breaches go. As many as five major data breaches took place in the country after the BigBasket breach last year.
Here’s a look at the 5 major data breaches in India that took place in 2021 that you should know about.
Also read: Beware! KYC verification message sent to your Airtel or Vodafone number is a scam
Data breaches in India in 2021
1. Air India
In March 2021, Air India announced that it had suffered a data breach in the last week of February. According to the company, the data of around 45 lakh users was leaked which included their name, date of birth, mobile number/email address, passport information, ticket information, frequent flyer data, and credit card information. This was of the most serious data leaks of all time as it included passport details as well, which is one of the most important identity documents of a person.
2. Domino’s India
On 22nd May 2021, Rajshekhar Rajaharia, an internet security researcher, uncovered that data of 18 crore Domino’s orders was leaked online. The data breach included name, email, mobile number, and even the GPS location of the user. Alon Gal, CTO of a cybersecurity firm called Hudson Rock, claimed that credit card details of 10 lakh people who ordered pizza from Domino’s had also been compromised. However, Jubilant Foodworks, which owns Domino’s, claimed that no financial data had been leaked.
3. Facebook
Now, who doesn’t know about data breaches at Facebook! The social media platform is quite notorious for its data leaks. In a security attack that took place in April 2021, data of around 60 lakh Indian users was leaked from Facebook. The data breach includes Facebook ID, email ID, phone number, date of birth, past locations, and the relationship status of the users. Facebook says that hackers misused the company’s contact import tool, which people can use to find friends, to obtain data illegally. While the company claims that it has fixed the issue, the data set has reportedly been posted on an online forum and is accessible to anyone.
4. Mobikwik
Mobikwik, as you might know, is one of the most popular digital wallet services in India. Reportedly, the data of 110 million Mobikwik users was leaked. The data breach, according to various reports, includes details regarding KYC documents, Aadhaar cards, credit cards, and mobile phone numbers. The data breach was reported by Rajashekhar Rajaharia in March 2021.
Mobikwik, however, discarded the data breach report and claimed that there has been no such incident. Eventually, many other cybersecurity researchers, including Robert Baptiste (French cybersecurity researcher) and Troy Hunt (creator of haveibeenpawned) backed Rajashekhar saying that there has been such a data breach. However, Mobikwik, to date, claims that it has not suffered a data leak.
5. Upstox
Upstox is India’s second-largest brokerage firm. In April this year, Upstox had a data breach, where the contact and KYC details of 25 lakh Upstox customers were leaked. According to Upstox CEO, Ravi Kumar, the data was compromised from a third-party data-warehouse. The company announced that it had implemented new measures to enhance security. Data leaks at platforms like Domino’s are one thing but a data breach at a company that has information about users’ stocks in the share market is very serious. Upstox, however, says that information related to funds and securities is safe.
Data breach in India: How to check if your data was compromised?
If you want to check if your data has been leaked by any of the platforms, you can do so using the haveibeenpwned platform. All you need to do is enter your mobile number or email ID and the website will list the platforms from which your data was leaked.
You can check out news about the upcoming smartphones as well as popular product recommendations on our Facebook, Twitter, and Instagram pages and head to our YouTube channel for the latest videos.
