A recent report states that Justdial, one of the largest service companies in India, has suffered a data breach that led to the exposure of confidential records of more than 100 million users. According to researcher Rajshekhar Rajaharia, the information remained exposed since March 2020.

Starting as a local phone-based directory, Justdial offers bill services, top-ups, grocery delivery, reservation system management, taxis, airline tickets and other services.

The leak consists of records of users’ personal information, including usernames, email addresses, phone numbers and dates of birth. This incident appears to be related to a flaw detected in 2019 by Justdial’s teams and which was apparently not properly addressed.

As in other similar incidents, the detection of the unprotected database does not mean that the threat actors have accessed the exposed information; however, it does imply the risk that this information will eventually be used to deploy massive phishing campaigns. The company has not issued any statements on the matter, although it has already received multiple requests for information.

Justdial is not the only company operating in India that has been the victim of similar incidents recently. Last May, pizza chain Domino’s India suffered a massive leak of information; the compromised data was eventually put up for sale on a dark web forum.

At the time, threat actors claimed to have extracted nearly 13 TB of confidential information held by Domino’s India. These confidential records included names, email addresses, phone numbers and location details.

Another major data breach this year impacted MobiKwik’s systems, which denied claims about a data breach that impacted 100 million users. It is mentioned that this information would be for sale on the dark web, although so far nothing has been confirmed about it.

For further reports on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses fell free to visit the International Institute of Cyber Security (IICS) websites, as well as the official platforms of technology companies.

The post Justdial leaks personal data of 100 million users… Again appeared first on Information Security Newspaper | Hacking News.

You May Also Like

More than 13 million records belonging to Banorte customers for sale on dark web; contact your bank to prevent theft and fraud

Specialists from a cybersecurity firm claim to have found a hacker selling…

Brazilian cybercriminals created fake Uber, DoorDash and other digital platforms accounts to earn thousands of dollars

A recent report by the Federal Bureau of Investigation (FBI) points to…

How scammers are using job offers to steal your identity

Through its Internet Crime Center (IC3), the Federal Bureau of Investigation (FBI)…

Hackers are mailing ransomware-infected USB devices to employees of hundreds of companies to take control of their networks

In its latest alert, the Federal Bureau of Investigation (FBI) mentions that…