🚀 CloudSEK has raised $19M Series B1 Round – Powering the Future of Predictive Cybersecurity
Read More
Protect your sensitive information from unauthorized access and data breaches with CloudSEK XVigil Credential Breaches module, ensuring the security of your valuable data
Schedule a Demo
Category |
Adversary Intelligence – Data Leak |
Impacted Assets |
Customer Records |
CloudSEK Verified |
Yes |
Leaked Data |
Customer PII (name, phone number, email address), masked Credit Card data (first 4 and last 4 digits of the 16 digit card number) |
Inc42 published a report regarding Juspay data being leaked on the dark web. The report claims that the data dump contains PII (Personally Identifiable Information) and card data of 10 Crore users. CloudSEK has done a detailed analysis of this incident and the key findings are summarized below.
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a data sharing platform, selling user databases of multiple companies. Our Threat Intelligence researchers did a detailed analysis on the same. The companies affected are:
Juspay.in | Teespring.com |
MyON.com | Knockcrm.com |
Mindful.org | Clickindia.com |
Chqbook.com | Bigbasket.com |
Reddoorz.com | Hybris.com (SAP.com) |
Wedmegood.com | Wongnai.com |
Geekie.com.br | Anyvan.com |
Accuradio.com | Everything5pounds.com |
Cermati.com | Netlog.com (Twoo.com) |
Reverbnation.com | Fotolog.com |
Pizap.com | ModaOperandi.com |
Eventials.com | Wahoofitness.com |
Sitepoint.com | Singlesnet.com |
The most recent post contains a sample of the Juspay database though the data has not been validated. Here are some sample screenshots from the leak:
The “stored_card” database contains the following fields:
The “customer” database contains the following fields:
The threat actor joined the forum in December 2020. And since then, the threat actor has shared 2 posts, attempting to sell databases from their private collection.
One of the posts advertises multiple databases while the other post is selling the Gympass database.
Discover how CloudSEK's comprehensive takedown services protect your brand from online threats.
How to bypass CAPTCHAs easily using Python and other methods
What is shadow IT and how do you manage shadow IT risks associated with remote work?
Take action now
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Digital Risk Protection platform which gives Initial Attack Vector Protection for employees and customers.
Software and Supply chain Monitoring providing Initial Attack Vector Protection for Software Supply Chain risks.
Creates a blueprint of an organization's external attack surface including the core infrastructure and the software components.
Instant Security Score for any Android Mobile App on your phone. Search for any app to get an instant risk score.
min read
Juspay Databases Containing 10 Crore Users’ Data for Sale on Data Sharing Platform
Category |
Adversary Intelligence – Data Leak |
Impacted Assets |
Customer Records |
CloudSEK Verified |
Yes |
Leaked Data |
Customer PII (name, phone number, email address), masked Credit Card data (first 4 and last 4 digits of the 16 digit card number) |
Inc42 published a report regarding Juspay data being leaked on the dark web. The report claims that the data dump contains PII (Personally Identifiable Information) and card data of 10 Crore users. CloudSEK has done a detailed analysis of this incident and the key findings are summarized below.
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a data sharing platform, selling user databases of multiple companies. Our Threat Intelligence researchers did a detailed analysis on the same. The companies affected are:
Juspay.in | Teespring.com |
MyON.com | Knockcrm.com |
Mindful.org | Clickindia.com |
Chqbook.com | Bigbasket.com |
Reddoorz.com | Hybris.com (SAP.com) |
Wedmegood.com | Wongnai.com |
Geekie.com.br | Anyvan.com |
Accuradio.com | Everything5pounds.com |
Cermati.com | Netlog.com (Twoo.com) |
Reverbnation.com | Fotolog.com |
Pizap.com | ModaOperandi.com |
Eventials.com | Wahoofitness.com |
Sitepoint.com | Singlesnet.com |
The most recent post contains a sample of the Juspay database though the data has not been validated. Here are some sample screenshots from the leak:
The “stored_card” database contains the following fields:
The “customer” database contains the following fields:
The threat actor joined the forum in December 2020. And since then, the threat actor has shared 2 posts, attempting to sell databases from their private collection.
One of the posts advertises multiple databases while the other post is selling the Gympass database.