BookMyForex Suffers Major Data Breach, Thousands Defrauded in International Transactions
BookMyForex, the foreign exchange platform owned by MakeMyTrip, has experienced a significant data breach, leading to widespread fraud affecting thousands of users. The incident, first reported by affected customers on social media, involved unauthorized transactions in US dollars and Brazilian real, with many users unable to access the platform to lock their forex cards.
Victims reported seeing multiple unauthorized transactions, including failed and successful charges, while being locked out of their accounts. One user described funds being drained in real time, while another noted transactions in Brazilian real with no way to contact customer support. In response, BookMyForex acknowledged the issue on X (formerly Twitter), stating that the matter had been escalated to its banking partner, Yes Bank, and assuring users that their funds were secure. Yes Bank is expected to initiate chargeback proceedings for impacted customers.
Preliminary investigations suggest cyberattackers gained access to sensitive card details, including numbers, expiry dates, and CVVs, likely through a compromised database or third-party system. The attackers reportedly conducted small test transactions to verify card validity before executing higher-value fraudulent purchases. A notable portion of the fraudulent activity targeted Brazilian real transactions, possibly to exploit weaker KYC controls in international markets and delay detection.
The Reserve Bank of India (RBI) had previously proposed compensating customers up to ₹25,000 for digital fraud losses, though the latest banking report shows a decline in the number of fraud cases (5,092 in the first half of FY26 compared to 18,386 a year earlier). However, the total value of frauds surged to ₹21,515 crore from ₹16,569 crore during the same period. Neither BookMyForex nor Yes Bank has provided an official statement on the breach.
BookMyForex TPRM report: https://www.rankiteo.com/company/bookmyforex
MakeMyTrip TPRM report: https://www.rankiteo.com/company/makemytrip.com
Yes Bank TPRM report: https://www.rankiteo.com/company/yes-bank
"id": "makyesboo1771994083",
"linkid": "makemytrip.com, yes-bank, bookmyforex",
"type": "Breach",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Thousands',
'industry': 'FinTech, Travel',
'location': 'India',
'name': 'BookMyForex',
'type': 'Foreign exchange platform'},
{'customers_affected': 'Thousands',
'industry': 'Banking',
'location': 'India',
'name': 'Yes Bank',
'type': 'Banking partner'}],
'attack_vector': 'Compromised database or third-party system',
'customer_advisories': 'Public acknowledgment on X (Twitter) assuring funds '
'are secure',
'data_breach': {'personally_identifiable_information': 'Payment information '
'(card details)',
'sensitivity_of_data': 'High (CVVs, card numbers, expiry '
'dates)',
'type_of_data_compromised': ['Card details',
'Payment information']},
'description': 'BookMyForex, the foreign exchange platform owned by '
'MakeMyTrip, experienced a significant data breach leading to '
'widespread fraud affecting thousands of users. Unauthorized '
'transactions in US dollars and Brazilian real were reported, '
'with users locked out of their accounts and unable to secure '
'their forex cards. Cyberattackers accessed sensitive card '
'details, including numbers, expiry dates, and CVVs, likely '
'through a compromised database or third-party system. '
'Fraudulent transactions targeted Brazilian real, possibly '
'exploiting weaker KYC controls in international markets.',
'impact': {'brand_reputation_impact': 'Significant (public acknowledgment of '
'breach)',
'customer_complaints': 'Widespread reports on social media',
'data_compromised': 'Card details (numbers, expiry dates, CVVs)',
'downtime': 'Users locked out of accounts',
'financial_loss': 'Thousands of users defrauded',
'identity_theft_risk': 'High (PII and payment information exposed)',
'operational_impact': 'Inability to lock forex cards, delayed '
'customer support',
'payment_information_risk': 'High (CVVs and card details '
'compromised)',
'systems_affected': 'BookMyForex platform, Yes Bank integration'},
'initial_access_broker': {'entry_point': 'Compromised database or third-party '
'system'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'post_incident_analysis': {'root_causes': 'Likely compromised database or '
'third-party system'},
'references': [{'source': 'Social media reports (X/Twitter)'}],
'regulatory_compliance': {'regulations_violated': ['Potential RBI guidelines '
'on digital fraud '
'compensation']},
'response': {'communication_strategy': 'Public acknowledgment on X (Twitter)',
'containment_measures': 'Escalated to Yes Bank for chargeback '
'proceedings'},
'stakeholder_advisories': 'Yes Bank to initiate chargeback proceedings',
'title': 'BookMyForex Suffers Major Data Breach, Thousands Defrauded in '
'International Transactions',
'type': 'Data Breach'}