wordpress blog stats
Connect with us

Hi, what are you looking for?

Hacker pulls database from website showcasing MobiKwik leaked data


The hacker or hacking group that set up a website over the last fortnight to showcase user data that was stolen from MobiKwik‘s servers has pulled all the data from the website, stating that all the data has been deleted from their servers.

On Tuesday, MediaNama visited the website through The Onion Router, and queried the database for our personal information using their names, email addresses or phone numbers. We found that the data on the website, including card and bank account information, was accurate. However, by late Tuesday night the hacker pulled the database from the website stating that all users were now safe.

The site was replaced with a message stating that MobiKwik’s data was deleted.

The website allowed users to check if their data, stored by MobiKwik, was leaked as part of the data dump. The website, which is also available on the open web, allowed users to query the database and also displayed KYC information of individuals at random, like selfies they took. This included unredacted photographs of Aadhaar cards, PAN cards and other official documents which can be used to view the details of other users.

Hacker says database deleted voluntarily

In a post on RaidForum, the hacker, who goes by the alias ninja_storm, said that they have deleted all the data and two backups of the data from all their servers, including small copies of the data which a part of the TOR site. “We have very long and deep conversations with some independent security researchers about the consequences if data is leaked or sold and decided we will delete all data from our end as MobiKwik is incompetent in that regard,” they said.

The hacker said that now all user data remains secure with MobiKwik, “no one can misuse it except of course Mobikwik for targeted ads or call which everyone does anyway.” While the hacker had initially sought to blackmail the company, and in return they would delete the data, they decided not to pursue that strategy.

“Originally that was our idea. Later people wanted GDPR type rules in India, so we changed our stance by putting a msg in onion site footer. Now nothing. (Also I should say this fiasco helped our other ventures move faster to goals) So, we didn’t accept any ransom payment too in this deal,” they said.

Advertisement. Scroll to continue reading.

They provided the following statistics as well:

  • TOR site page views: 60,000
  • Non-bot Application Programme Interface calls: 240,000
  • Bot-API calls: 200,000
  • Images extracted: 6,000 out of 33 million
  • Sample file: 100 MB

Delete, Restrict or Ransom?

Screenshots of messages exchanged between the hacker and users on messaging platform Discord reveal that the hacker had partially leaked parts of the data dump online in order to entice bidding from other hackers or hacking groups. The hacker also said that they are looking to sell the information back to the company as well. According to the website the hacker was willing to sell the entire dataset for 1.5 bitcoins or $84,000.

MediaNama cannot independently verify if the hacker has deleted all the data from their servers, if they have only stopped public access to the database through the website, or if a ransom was paid to pull the data and delete backups.

Cyber security researcher Rajshekhar Rajaharia, who was the first to report the data breach at MobiKwik, says that one should be cautious about believing the hackers’ claim that they have deleted all the data. “When I had reported the leak on February 26, this hacker said that they had lost the data. So can we trust them? The data can be uploaded again for all we know or they can share the data to another group or they could sell it in parts,” he said.

In a separate post on RaidForum, dated February 25, ninja_storm said that while moving the data from one server to another they lost access to the primary server mid-way and “lost access to middle server and lost company access.”

“We are looking at the data we currently have. Bad thing is we did zip on server into 100gb parts and we are moving data that way. Now my current understanding is to unzip that data we need to have all zip files. As we lost access to the sending server in midway we have some zip files in our secure server but can’t unzip them at the moment…”

“We will see if we can access middle server somehow and get all data. We have all proofs which we sent to people and shared on discore but we don’t have actual data now… “

Also Read

Advertisement. Scroll to continue reading.

Written By

Reports on banking, payments, fintech and crypto-curencies. Additional reporting on media regulations, data protection and other areas.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Releasing the policy is akin to putting the proverbial 'cart before the horse'.


The industry's growth is being weighed down by taxation and legal uncertainty.


Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ