India’s second-largest stockbroking firm Upstox suffered a huge data security breach in April 2021.
The breach exposed some data and Know-Your-Customer details of around 100,000 users and they were posted on the dark web asking for $1.2 million in ransom.
The firm asked its users to resets passwords on its platform and stay alert for any suspicious activity.
Source: https://www.zenger.news/2021/04/22/indian-brokerage-firm-upstox-suffers-massive-data-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/upstox
"id": "ups92718422",
"linkid": "upstox",
"type": "Breach",
"date": "04/2021",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '100,000',
'industry': 'Finance',
'location': 'India',
'name': 'Upstox',
'type': 'Stockbroking Firm'}],
'customer_advisories': ['Asked users to reset passwords and stay alert'],
'data_breach': {'data_exfiltration': ['Yes'],
'number_of_records_exposed': '100,000',
'personally_identifiable_information': ['Yes'],
'sensitivity_of_data': ['High'],
'type_of_data_compromised': ['Know-Your-Customer details']},
'date_detected': 'April 2021',
'description': 'India’s second-largest stockbroking firm Upstox suffered a '
'huge data security breach in April 2021. The breach exposed '
'some data and Know-Your-Customer details of around 100,000 '
'users and they were posted on the dark web asking for $1.2 '
'million in ransom. The firm asked its users to reset '
'passwords on its platform and stay alert for any suspicious '
'activity.',
'impact': {'data_compromised': ['Know-Your-Customer details']},
'initial_access_broker': {'data_sold_on_dark_web': ['Yes']},
'motivation': ['Financial'],
'ransomware': {'ransom_demanded': '$1.2 million'},
'response': {'communication_strategy': ['User advisories to stay alert for '
'suspicious activity'],
'containment_measures': ['Password reset']},
'title': 'Upstox Data Breach',
'type': 'Data Breach'}