Guwahati, Feb 17: Moneycontrol, a well-known financial and business portal, boasts a sizable monthly readership of 42.39 million visitors. But unfortunately, the platform experienced a data breach in March 2021 that exposed the email addresses, phone numbers, and passwords of 7 lakh Indian customers.
The compromised data was afterwards offered for sale on online forums for about $350.
In order to investigate more about the worrisome matter Rony Das, a security expert and ethical hacker, along with his associates Aditya Singh and Sagar Dahal performed a root cause analysis to determine how a major financial powerhouse with millions of users' could put their data at risk which can be vulnerable to cyber attacks.
Their study revealed the same methods that hackers used to attain access to the Moneycontrol servers and steal millions of consumer’s personal data.
Furthermore, they were also able to duplicate the attack, gaining access to the information of the staggering 1.6 crore Moneycontrol subscribers in India with just a few clicks.
Users of Moneycontrol are at serious risk, particularly if foreign attackers try to distort the platform's crucial financial news, which is released each morning before the stock market opens. If the news is fabricated, it might easily persuade the 1.6 crore Indian users of the network to engage in malicious activities.
Despite their best efforts, Das, Singh, and Dahal were unable to get through to the proper authorities to report the violation.
The MoneyControl team's inadequate response to their concerns emphasises the need for better coordination between security specialists and the platform's management.
To address this grave situation and guarantee the safety and security of Moneycontrol's millions of users, immediate action is required.