1. Home
  2. Bengaluru-based 'JusPay' refutes 10 cr card data breach claim, says only 3.5 cr users' info leaked

Bengaluru-based 'JusPay' refutes 10 cr card data breach claim, says only 3.5 cr users' info leaked

Agencies
January 6, 2021

Juspay.jpg

Bengaluru, Jan 6: Bengaluru-based digital payments gateway JusPay on Tuesday clarified that about 3.5 crore records with masked card data and card fingerprint were compromised by a hacker and the claim of 10 crore cardholders' data being affected is “incorrect". Responding to claims made by independent cyber security researcher Rajshekhar Rajaharia on Sunday that data of nearly 10 crore credit and debit card holders in the country is being sold for an undisclosed amount on the Dark Web -- leaked from a compromised server of Juspay, the company said in a fresh statement that none of its merchants and their customers are at any risk.

"The masked card data is used for display purposes on merchant UI and cannot be used for completing a transaction. A part of user metadata in our system which has non-anonymised, plain-text email IDs and phone numbers got compromised," the company informed.

"On August 18, 2020, an unauthorised attempt on our servers was detected and terminated when in progress," it added.

According to JusPay, no full card numbers, order information, card PINs and passwords were leaked.

"We conducted a thorough audit on the day of the incident which confirmed that our 'Secure Data Store' which hosts the 16-digit encrypted card numbers was not accessed and remains secure. The cyberattack was identified in an isolated/separate system," JusPay elaborated.

"We can confirm that the compromised data does not contain any transaction or order information, as the intrusion was terminated before such an access."

Rajaharia had told IANS that the data was being sold on the Dark Web for an undisclosed amount via cryptocurrency Bitcoin.

"For this data, hackers are also contacting via Telegram," he said, adding that if the hackers can find out the Hash algorithm used to generate the card fingerprint, they will be able to decrypt the masked card number.

"In this condition, all 10 crore cardholders are at risk," Rajaharia noted.

JusPay said that it has made significant investments in security and data governance and its policies are aligned to globally accepted data protection standards.

"We did identify gaps in some of the older access keys and moved them to non-access key-based authentication supported by hosting providers. We have also made two-factor authentication (2FA) mandatory for all the tools accessed by our teams," the company said.

According to Saurabh Sharma, Senior Security Researcher (GReAT), Kaspersky (APAC), data leaks due to internal vulnerabilities has become a common instance in India, especially in the last two years.

"Enterprises and institutions have begun to understand the importance of having a strong security framework to save themselves from an external attack by a cybercriminal. However, they tend to overlook the internal vulnerabilities that can prove to be very damaging to their reputation and business if exploited by the bad guys," Sharma told IANS.

Regular network and server evaluation, proactive detection of zero-day vulnerabilities and patching them immediately, launching attractive bug-bounty programmes and promptly informing the users of a potential leak are some of the "mandatory steps that large enterprises and institutions should follow in order to stay away from cybercriminals and save their reputation," he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 10,2025

baraka.jpg

Barakah International School and College is organizing a unique parenting workshop aimed at equipping parents with essential skills in various aspects of parenting. The event will take place at Barakah Auditorium, Ayar, on Thursday, January 16, 2025, at 6:30 PM.

This session will cover three crucial aspects of parenting:

Motivating Your Child to Excel in Academics: Presented by Sharfuddin B.S., Principal of Barakah International School and College and an internationally acclaimed motivational speaker.

Parenting in the Modern Age: Delivered by Mr. Saif Sultan, a renowned motivational speaker and Chairman of the Hope Foundation.

Parenting Skills to Instill Islamic Values: Led by Mohammad Haneef, Principal of the Islamic Department at Barakah International School and a well-known Khateeb.

The workshop will conclude with a Q&A session, providing participants the opportunity to gain deeper insights from the experts.

The program is free of cost and open to both parents, subject to prior registration. Maghrib and Isha prayer arrangements will be available, and refreshments will be served at the end.

Interested participants are encouraged to register at the earliest to secure their slots via the following Google Form:

https://forms.gle/mKxsr4A1UGrpo7DJ9

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 14,2025

Udupi: Karnataka Kreedakoota-2025, a sports event organised by the Youth Empowerment and Sports Department, Karnataka Olympic Association, and the District Administration, will be held in Udupi and Dakshina Kannada districts from January 17 to January 23.

The event will feature 1,373 athletes participating in a variety of sports, including kayaking, canoeing, archery, cycling, wrestling, boxing, hockey, lawn tennis, table tennis, Kabaddi, Judo, and athletics.

Deputy Commissioner Vidya Kumari K addressed a press conference on Monday, providing details about the events in Udupi and Dakshina Kannada.

According to her, while volleyball, basketball, and swimming competitions will take place in Dakshina Kannada, events like kayaking and canoeing will be held in Brahmavara’s Swarna River, and archery will take place at the MJC Ground in Manipal.

Marena Sports Complex in Manipal will host lawn tennis and table tennis matches, she added.

The opening ceremony will take place on January 17 in Mangaluru and Chief Minister Siddaramaiah will be inaugurating the event.

The closing ceremony will be held in Udupi on January 23, with Governor Thaawarchand Gehlot and Home Minister G Parameshwar attending.

The district administration, in collaboration with Manipal Academy of Higher Education (MAHE), Manipal, has made provisions for accommodation and food for the participants, said the DC.

She also said the synthetic track at the Mahatma Gandhi District Stadium in Ajjarakad is undergoing repair work after its 10-year durability period ended in 2023, to provide athletes better infrastructure.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 9,2025

Mangaluru: Establishing a Beary Development Corporation is a valid demand, but its implications must be carefully studied, remarked Speaker UT Khader. He proposed forming an expert committee to evaluate the corporation’s potential impact on the Beary community during a district-level conference of the Beary-speaking community, organized by the Akhila Bharata Beary Mahasabha at Kudmul Ranga Rao Town Hall on Wednesday.

Khader expressed concerns over inefficiencies in existing government-established corporations, such as unfilled leadership positions, lack of appointed members, and insufficient funding. “The Beary Development Corporation must avoid similar pitfalls,” he emphasized. He noted that the Minorities Development Corporation already provides various schemes for Beary Muslims, urging a detailed assessment to ensure the new corporation’s funding does not fall short of current provisions, which could disadvantage the community.

Praising the industrious and self-respecting nature of the Beary community, Khader highlighted the respect Beary elders once commanded in villages. He encouraged the youth to uphold this legacy and actively contribute to the community’s progress. Additionally, he commended the Beary youth for their swift and dedicated responses during emergencies, which have garnered widespread recognition.

Khader underscored the importance of unity, cautioning against fostering divisions within the community. He also stressed the critical role of education in development, urging the maintenance of detailed records for SSLC and PUC students to track progress.

The event was presided over by Azeez Baikampadi, president of the Akhila Bharata Beary Mahasabha. Among the dignitaries present were former MLA Mohiudeen Bava and retired police officer GA Bawa. Dr. UT Ifikhar Ali Farid, honorary president of the Akhila Bharata Beary Mahasabha and chairman of the Karnataka State Allied and Healthcare Council, was felicitated during the program.

In notable initiatives, Kanachuru Monu, chairman of Kanachuru Medical College, unveiled the Mahasabha’s new website, while Sheikhabba Karnire of Expertise Company, Jubail, launched an IAS-IPS program aimed at empowering the Beary community.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.