1. Home
  2. Bengaluru-based 'JusPay' refutes 10 cr card data breach claim, says only 3.5 cr users' info leaked

Bengaluru-based 'JusPay' refutes 10 cr card data breach claim, says only 3.5 cr users' info leaked

Agencies
January 6, 2021

Juspay.jpg

Bengaluru, Jan 6: Bengaluru-based digital payments gateway JusPay on Tuesday clarified that about 3.5 crore records with masked card data and card fingerprint were compromised by a hacker and the claim of 10 crore cardholders' data being affected is “incorrect". Responding to claims made by independent cyber security researcher Rajshekhar Rajaharia on Sunday that data of nearly 10 crore credit and debit card holders in the country is being sold for an undisclosed amount on the Dark Web -- leaked from a compromised server of Juspay, the company said in a fresh statement that none of its merchants and their customers are at any risk.

"The masked card data is used for display purposes on merchant UI and cannot be used for completing a transaction. A part of user metadata in our system which has non-anonymised, plain-text email IDs and phone numbers got compromised," the company informed.

"On August 18, 2020, an unauthorised attempt on our servers was detected and terminated when in progress," it added.

According to JusPay, no full card numbers, order information, card PINs and passwords were leaked.

"We conducted a thorough audit on the day of the incident which confirmed that our 'Secure Data Store' which hosts the 16-digit encrypted card numbers was not accessed and remains secure. The cyberattack was identified in an isolated/separate system," JusPay elaborated.

"We can confirm that the compromised data does not contain any transaction or order information, as the intrusion was terminated before such an access."

Rajaharia had told IANS that the data was being sold on the Dark Web for an undisclosed amount via cryptocurrency Bitcoin.

"For this data, hackers are also contacting via Telegram," he said, adding that if the hackers can find out the Hash algorithm used to generate the card fingerprint, they will be able to decrypt the masked card number.

"In this condition, all 10 crore cardholders are at risk," Rajaharia noted.

JusPay said that it has made significant investments in security and data governance and its policies are aligned to globally accepted data protection standards.

"We did identify gaps in some of the older access keys and moved them to non-access key-based authentication supported by hosting providers. We have also made two-factor authentication (2FA) mandatory for all the tools accessed by our teams," the company said.

According to Saurabh Sharma, Senior Security Researcher (GReAT), Kaspersky (APAC), data leaks due to internal vulnerabilities has become a common instance in India, especially in the last two years.

"Enterprises and institutions have begun to understand the importance of having a strong security framework to save themselves from an external attack by a cybercriminal. However, they tend to overlook the internal vulnerabilities that can prove to be very damaging to their reputation and business if exploited by the bad guys," Sharma told IANS.

Regular network and server evaluation, proactive detection of zero-day vulnerabilities and patching them immediately, launching attractive bug-bounty programmes and promptly informing the users of a potential leak are some of the "mandatory steps that large enterprises and institutions should follow in order to stay away from cybercriminals and save their reputation," he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 8,2025

SofiaQuraishi.jpg

Belagavi: Colonel Sofia Qureshi who along with Wing Commander Vyomika Singh presented the details of ‘Operation Sindoor’ is being hailed as the daughter-in-law of Karnataka’s Belagavi.

Qureshi's husband Colonel Tajuddin Bagewadi is from Konnur town in Gokak taluk. He has been serving as a colonel in the Indian Army. They were married in 2015.

Qureshi is a native of Baroda in Gujarat, being married to Tajuddin has made her the daughter-in-law of Belagavi.

During a media meet at New Delhi on Wednesday, Qureshi had shared the details of the success of Operation Sindoor which was conducted in retaliation to the terror attack at Pahalgam in Kashmir.

Qureshi has also served in the UN peacekeeping force at Kangola. She has received great appreciation from General Officer Commanding for her work along the borders of Punjab and during the floods in North-East.

Presently Sofia has been posted at Jammu while her husband Colonel Tajuddin Bagewadi at Jhanshi.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 13,2025

A new chapter is unfolding for football in Mangaluru as the football ground adjacent to Nehru Maidan receives a modern artificial turf, with completion expected by the end of May. This long-awaited upgrade promises to significantly enhance the playing experience for both budding and seasoned footballers in the region.

The project, spearheaded by Mangaluru Smart City Limited (MSCL), involves laying synthetic turf across the 90,000 sq ft ground at a cost of ₹2.5 crore. Equipped with efficient drainage systems, the revamped ground will support uninterrupted play throughout the year, regardless of weather conditions.

“This is a long-pending demand of the football community here,” said D.M. Aslam of the Dakshina Kannada District Football Association. “We expect the turf work to be completed in the next two weeks. Currently, around 150 children practice regularly at the ground, and we anticipate that number to rise once the new surface is open.”

MSCL General Manager (Technical), Arun Prabha K.S., noted that while the project had been planned for some time, groundwork officially began after last year’s monsoon league concluded in August. “Once completed, this facility will be a full-fledged synthetic turf suitable for training, local tournaments, and league matches,” he said.

With the inauguration expected soon after the final touches are completed, the new astro turf is set to elevate the city’s football infrastructure and serve as a springboard for talent development across the district.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
April 30,2025

Bengaluru: Karnataka Chief Minister Siddaramaiah on Wednesday stated that speaking in favour of Pakistan is wrong and constitutes treason. However, he emphasized that an inquiry is ongoing in the case of an alleged mob lynching of a man accused of shouting "Pakistan Zindabad" in Mangaluru.

“If the slogan ‘Pakistan Zindabad’ was shouted, it is wrong, regardless of who said it. The inquiry is still underway, a case has been registered, and we will determine the appropriate action based on the report,” Siddaramaiah said in response to questions from reporters about the killing.

He reiterated, “If anyone speaks in favour of Pakistan, it is wrong. It amounts to treason.”

Home Minister G. Parameshwara confirmed that a person was “lynched” in Mangaluru and said that those arrested claimed the victim shouted "Pakistan Zindabad."

“This is under investigation. Only the arrested individuals have made this claim. Nearly 20 people have been arrested so far. The police are also verifying the identity and background of the deceased. We are taking the case very seriously,” he said, noting that several people present at the cricket match where the incident occurred are being questioned.

Responding to allegations that the police initially attempted to portray the incident as a suicide, the Home Minister said, “We have no such information. If any such discrepancies are found during the investigation, appropriate action will be taken.”

According to police, the deceased has been identified as Ashraf from Pulpalli village in Sultan Bathery Taluk, Wayanad district, Kerala.

The incident occurred during a local cricket match near the Bhatra Kallurti temple in Kudupu village, on the outskirts of Mangaluru, on April 27. Ashraf was allegedly beaten with sticks, resulting in multiple injuries that led to internal bleeding and shock. He was declared dead at the hospital.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.