Research firm discloses exposure of 73 lakh BHIM app users’ data
Category: #tech  By Mateen Dalal  Date: 2020-06-03
  • shareshare_icon
  • Twitter
  • Facebook
  • LinkedIn

Research firm discloses exposure of 73 lakh BHIM app users’ data

An independent cyber-security research firm has reportedly revealed that the private details of around 73 lakh Indians in the BHIM app are being exposed. The firm allegedly claimed that users are likely to encounter data-based fraud due to the lax security standards supported in this UPI app.

Sources familiar with the matter have reported that CSC e-Governance Services has left a cloud data storage bucket of its Amazon Web Services S3 unsecured and thus open to the public. This data storage misconfiguration happened during February 2019 and May 2020, the month when it has been repaired. The level of security lapse and its impact is still not clear since the privacy of numerous users has been left exposed for nearly a year.

Sources further stated that the PAN details, banking & financial transcripts, educational degrees, residential address proofs, caste certificates, and Aadhaar cards are among the data that can be accessed via the AWS S3 bucket. Due to the recent security bug, the residential address, biometric authentication info, and other information of the 73 lakh users were revealed online.

However, the NPCI (National Payments Council of India) has reportedly denied the occurrence of any data breach of the UPI users. Sources further clarified that there was no data being compromised at the BHIM app. According to statements, NPCI follows an integrated approach and high-level security to safeguard the infrastructure and continuously offer a strong payments ecosystem.

The unsecured data bucket was reportedly 409 GB in size, which was discovered by the agency on 13th April. Following this glitch, the firm reported it to the CERT-In (Computer Emergency Response Team) in India on 28th April. The unsecured bucket was patched soon after it contacted the CERT-In again on 22nd May.

Provided that this data bucket was opened to risks for over a year, it is unclear whether malicious users have managed to get hold of such data. This lapse in the security standard will create alarm, despite the denial of the incident from the NPCI, regarding security among other digital initiatives backed by the government.

Source credit:https://www.news18.com/news/tech/private-details-of-73-lakh-indians-exposed-in-bhim-data-leak-npci-issues-denial-2648189.html

  • shareshare_icon
  • Twitter
  • Facebook
  • LinkedIn


About Author

Mateen Dalal     twitter

Mateen Dalal

A qualified electronics and telecommunication engineer, Mateen Dalal embarked on his professional journey working as a quality and test engineer. Harnessing his passion for content creation however, Mateen pens down industry-rich articles for ReportsGO.com and a few o...

Read More..

More News By Mateen Dalal

General Motors to recoup USD 1.9 Bn from LG spent on Bolt EV recall

General Motors to recoup USD 1.9 Bn from LG spent on Bolt EV recall

By Mateen Dalal

GM will recover almost all the costs from the recall of its Bolt EV models. Despite the EV battery manufacturing mishap from LG, the two companies will continue to work together. General Motors (GM) has agreed to recover around USD 1.9 billion f...

Tata Motors records 25% jump in global sales in second quarter of 2021

Tata Motors records 25% jump in global sales in second quarter of 2021

By Mateen Dalal

The automaker’s annual wholesale growth has been around 24%. The company saw a 10% rise in passenger car sales during Q2 2021, as compared to the same period in 2020. Tata Motors Limited reported substantial growth in Q2 2021, with its glo...

Carbon Budgets for corporate business travels to hit airlines: Report

Carbon Budgets for corporate business travels to hit airlines: Report

By Mateen Dalal

With major companies considering ways to reduce carbon emissions from corporate travel, airlines are preparing for a setback in business-class travel, which is an important revenue driver according to industry experts and executives. The airline ind...