CreditMate , operated by Urja Money Private Limited, exposed files contained 4,717 reports of connecting to CIBIL credit reporting service, and 18,913 JSON reports with 7277 email addresses.
The credit reports were from 2016 – the present.
It is a financial technology company that provides services to various banking and financial services companies and non-banking financial companies such as Optimus Finance Limited.
The exposed reports contained data fields such as member reference number, enquiry number, enquiry purpose, amount of loan being sought, full name, date of birth, gender, income tax ID number (PAN), passport number, driver’s license number, universal ID number, telephone number, mail address
employment information, employment income, CIBIL credit score, residential address, office address,
payment history of other loans/credit cards.
The COO said in order to protect consumers, pending outcome of the investigation, TransUnion CIBIL has suspended Optimus’ access.
"id": "PAY153611922",
"linkid": "creditmate",
"type": "Data Leak",
"date": "08/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"