The Reserve Bank of India (RBI) has ordered an inquiry into the recent allegations of user-data leaks on the digital payment service firm MobiKwik. RBI has warned Mobikwik that if any security lapses were found on behalf of the company, then it will have to face the penalty.
MobiKwik has been found surrounded by recent allegations for alleged data breach of its database. The personal information of the company’s 110 million or 110 million users was shared on the dark web. Mobikwik, however, denied the allegations and instead threatened to take legal action against the security researcher Rajashekar Rajahria, who had reported the data breach a few days earlier. After an internal investigation, the firm claimed that no such data leaks were found during the investigation.
A Reuters report, citing Anonymous Sources, now mentions that the Reserve Bank of India was not happy with this initial response and has directed an inquiry into the digital payment platform.
RBI gave ultimatum to Mobikwik
The source said that the RBI has given Mobikwik an ultimatum, in which an external auditor has been ordered to conduct a forensic audit. If the data proves breech in the audit, then MobiKwik will be fined by the RBI. The Reuters report mentions that the RBI has the authority to punish the payment system provider with a minimum of Rs 5,00,000 in such a case.
MobiKwik released an official statement earlier. It was said in the statement that the data available on the Internet could be uploaded by the users themselves on many platforms. It stressed that there was no indication of data leaking from the company’s database.
Claims of leaking credit card details of users
Users and security researchers have obtained many information on the leaked online database, including credit card details. Apart from this, KYC information, your address, phone number, Aadhaar card details and other important information are being sold in the data leaked by the users. Many of them have posted screenshots of the data which is now available for sale on the Dark Web. In some cases, this data was being sold for 1.5 bitcoins or about $ 86,000.
According to a report by TechNadu, email ID, phone number, password application install, phone manufacturer, IP address, GPS location and other information of users were leaked. The report further states that the alleged vendor has set up a dark web portal “where a person can search by phone number or email ID and retrieve information from a total of 8.2 TB of data.”
Like Paytm, MobiKwik is also a digital wallet that supports UPI. The app includes special offers, bill payment, cashback and more.
read this also- Salman Khan put big money in desi app Chingari
Also read- People will use 6.2 billion mobile phones and PCs this year, the report revealed