Breaking news

Meghalaya Governor Satya Pal Malik’s stand has not softened even after moreAll You Need to Know About Cryptocurrency in India: Trends, Legality and more The Champaran Foundation, in collaboration with InFeed, organised an online more In one of the biggest leaks ever of offshore financial records, the more The Champaran Foundation, in collaboration with InFeed, is inviting entries more The recently concluded German elections on September 26, 2021 have given a more According to latest news reports, China has been on a defense infrastructure more A new line of argument has already come to dominate the public sphere: it’ more The government has gone one step further to detect community spread of the more The government has issued an order to abolish the six allowances, including more Aarogya Setu application launched by NIC is aimed to track COVID-19 affected more SEOUL| South Korea’s unemployment rate was unchanged in April as the more Amid the outbreak of Corona pandemic in the country, Indian government has more Prime Minister Narendra Modi in his address to the nation on Tuesday indicated more Corona infection in the country is taking a macabre form. So far, more than 74 more Congress General Secretary Priyanka Gandhi Vadra has written a letter to UP more On Tuesday, Prime Minister Narendra Modi announced a package of Rs 20 lakh more

BHIM Security Breach : 72.6 Lakh Users Data At Risk

BHIM Data Breach

Security researchers said that data from about 72.6 lakh users of mobile payment app BHIM was revealed by a website. The report by the VPN review website vpnMentor stated that the data revealed contained many sensitive information such as name, date of birth, age, gender, home address, caste status and Aadhaar card details etc.

In a blog post on Sunday, security researchers at vpnMentor wrote, “The scale of the data exposed is extraordinary. It can affect millions of people across India. Taking advantage of this, hackers and cybercriminals also address fraud, theft, and attacks.

However, this flaw was overcome when the researchers contacted the Computer Emergency Response Team (CERT-In) of India and informed them twice in a month. After which the violation was closed last month. The BHIM website has been developed by a company called CSC e-Governance Services Limited in partnership with the Government of India.

The researchers said, “In this case, the BHIM data was stored in an unprotected Amazon Web Services (AWS) S3 bucket. The researchers said that the S3 bucket is a popular form of cloud storage worldwide, but to establish security protocols Developers require their account.

He said that “We reached out to the website developers to inform them of the misconfiguration in their S3 buckets and provide their assistance. After not getting a reply, we contacted the Computer Emergency Response Team (CERT-In) of India, the country. In cyber security, “

How BHIM Data is Compromised?

Research led by vpnMentor’s Noam Rotem and Ran Lokar revealed that CSC set up the wrong S3 bucket-linked website to promote BHIM use across the country, and new merchant businesses, such as mechanics, farmers, service providers and Signed up store owners on the app. The exposed data, which was first discovered by security researchers on 23 April, had a volume of 409GB.

The report stated, “It is difficult to say precisely, but the S3 bucket had records from a short period (February 2019). However, within such a short time, more than 70 lakh records were uploaded and exposed.”

Tags: ,

Story Page