Prateek Sharma in NEW DELHI: Sensitive data of Indians, comprising more than 6.5 million files totaling over 1TB, has leaked online. The data belongs to thousands of customers of at least four instant loan apps: CashMama, LoanZone/Vayloan, and MeraLoan, said SafetyDetectives, a global antivirus review website.
The leaked data includes names, government IDs, dates of birth, IFSC codes, bank account details, company information, salary categories, payment history, addresses, numbers, GPS locations, etc.
“CashMama’s Amazon S3 bucket was left in open form, exposing sensitive and personal data for hundreds of thousands of customers. CashMama’s misconfigured bucket revealed enough sensitive data to potentially expose its users to the most damaging forms of cybercrime,” said SafetyDetectives.
Read full report (https://www.safetydetectives.com/news/cashmama-leak-report/)
The app in question is no longer available because it was taken down following a scandal involving a quick loan app. CashMama was founded in Hyderabad in 2018 and provided loans between Rs 3,000 and Rs 5,000 in minutes. Indian police arrested its operators in 2020 for blackmail, harassment, coercion, and financial fraud.
SafetyDetectives was able to trace the bucket to CashMama through references to the company in saved emails. So, what does this mean? Simply put, CashMama allowed its owners to spy on customers using mobile applications and other services.
This data breach exposed not just PII but also phone data for Vayloan, including SMS messages, contacts, device information, battery condition, and fingerprint data. “CashMama’s AWS S3 bucket had approximately 650,000 SMS data files and almost 1 million SMS & contact history files,” according to SafetyDetectives. “The latter exposed phone-related data for over 350,000 consumers.”
SafetyDetectives said it discovered CashMama’s open AWS S3 bucket on November 11th, 2021. Amazon is not responsible for the management of CashMama’s AWS S3 bucket and is therefore not responsible for this data breach.
“We messaged both the Indian Computer Emergency Response Team (CERT) and AWS regarding CashMama’s data exposure on November 25th, 2021. On December 16th, 2021, we sent follow-up messages to the Indian CERT and AWS. Both organizations replied to our messages and we sent a responsible disclosure to the Indian CERT in the following days. We followed up with Indian CERT on January 10th, 2022, and CashMama’s open bucket was secured between January 11th, 2022, and January 13th, 2022,” it said.
Exposed customers could experience various impacts as a result of this data breach.
Those whose data has been compromised in this incident face a variety of dangers. Identity theft, phishing, and fraud are just a few of the issues that users with sensitive information have to worry about. This information could be used by cybercriminals and bad actors to open bank accounts in the person’s name and get loans and mortgages. “Victims could face financial devastation,” says the report.