India’s largest securities depository Central Depository Services Limited (CDSL) exposed sensitive data of around 4.39 crore investors, cybersecurity firm CyberX9 reported on November 8. CDSL is one of the two SEBI-regulated depositories that hold securities like shares, mutual funds, and bonds in electronic format. Nearly 600 stockbrokers who collectively have over 4 crore investor accounts are associated with CDSL. Although the vulnerabilities that exposed the sensitive data have now been fixed, there are significant ramifications if the data fell into the wrong hands. "We strongly suspect that the data might’ve already been stolen by malicious attackers," CyberX9 said. "There is a need for a fair security audit of CDSL by the government," the firm added. MediaNama has reached out to CDSL for comments and will update this report if we receive a response. Twice in one month On October 19, CyberX9 discovered…
