wordpress blog stats
Connect with us

Hi, what are you looking for?

Hacker pulls database from website showcasing MobiKwik leaked data


The hacker or hacking group that set up a website over the last fortnight to showcase user data that was stolen from MobiKwik‘s servers has pulled all the data from the website, stating that all the data has been deleted from their servers.

On Tuesday, MediaNama visited the website through The Onion Router, and queried the database for our personal information using their names, email addresses or phone numbers. We found that the data on the website, including card and bank account information, was accurate. However, by late Tuesday night the hacker pulled the database from the website stating that all users were now safe.

The site was replaced with a message stating that MobiKwik’s data was deleted.

The website allowed users to check if their data, stored by MobiKwik, was leaked as part of the data dump. The website, which is also available on the open web, allowed users to query the database and also displayed KYC information of individuals at random, like selfies they took. This included unredacted photographs of Aadhaar cards, PAN cards and other official documents which can be used to view the details of other users.

Hacker says database deleted voluntarily

In a post on RaidForum, the hacker, who goes by the alias ninja_storm, said that they have deleted all the data and two backups of the data from all their servers, including small copies of the data which a part of the TOR site. “We have very long and deep conversations with some independent security researchers about the consequences if data is leaked or sold and decided we will delete all data from our end as MobiKwik is incompetent in that regard,” they said.

The hacker said that now all user data remains secure with MobiKwik, “no one can misuse it except of course Mobikwik for targeted ads or call which everyone does anyway.” While the hacker had initially sought to blackmail the company, and in return they would delete the data, they decided not to pursue that strategy.

“Originally that was our idea. Later people wanted GDPR type rules in India, so we changed our stance by putting a msg in onion site footer. Now nothing. (Also I should say this fiasco helped our other ventures move faster to goals) So, we didn’t accept any ransom payment too in this deal,” they said.

Advertisement. Scroll to continue reading.

They provided the following statistics as well:

  • TOR site page views: 60,000
  • Non-bot Application Programme Interface calls: 240,000
  • Bot-API calls: 200,000
  • Images extracted: 6,000 out of 33 million
  • Sample file: 100 MB

Delete, Restrict or Ransom?

Screenshots of messages exchanged between the hacker and users on messaging platform Discord reveal that the hacker had partially leaked parts of the data dump online in order to entice bidding from other hackers or hacking groups. The hacker also said that they are looking to sell the information back to the company as well. According to the website the hacker was willing to sell the entire dataset for 1.5 bitcoins or $84,000.

MediaNama cannot independently verify if the hacker has deleted all the data from their servers, if they have only stopped public access to the database through the website, or if a ransom was paid to pull the data and delete backups.

Cyber security researcher Rajshekhar Rajaharia, who was the first to report the data breach at MobiKwik, says that one should be cautious about believing the hackers’ claim that they have deleted all the data. “When I had reported the leak on February 26, this hacker said that they had lost the data. So can we trust them? The data can be uploaded again for all we know or they can share the data to another group or they could sell it in parts,” he said.

In a separate post on RaidForum, dated February 25, ninja_storm said that while moving the data from one server to another they lost access to the primary server mid-way and “lost access to middle server and lost company access.”

“We are looking at the data we currently have. Bad thing is we did zip on server into 100gb parts and we are moving data that way. Now my current understanding is to unzip that data we need to have all zip files. As we lost access to the sending server in midway we have some zip files in our secure server but can’t unzip them at the moment…”

“We will see if we can access middle server somehow and get all data. We have all proofs which we sent to people and shared on discore but we don’t have actual data now… “

Also Read

Advertisement. Scroll to continue reading.

Written By

Reports on banking, payments, fintech and crypto-curencies. Additional reporting on media regulations, data protection and other areas.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.


When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.


The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ