Indian Mobile Phone Gateway MobiKwik Looks Into 110 Million User Data Breach

MobiKwik, the Indian payments firm, will get an independent audit after a reported breach that could’ve compromised the data of millions of users, Reuters reports.

Last month, an Indian security researcher said that the data from 110 million MobiKwik users had been leaked from the company servers.

Reuters reports that MobiKwik denied that claim at the time, saying it hadn’t found any security lapses, and saying its legal team would be taking “strict action” against the researcher.

But several other users later said the leak was genuine. Since then, MobiKwik has taken the charges more seriously, saying it is “closely working with requisite authorities, and is confident that security protocols to store sensitive data are robust and have not been breached.”

“Considering the seriousness of the allegations, and by way of abundant caution, it will get a third party to conduct a forensic data security audit,” the company said in a statement, according to Reuters.

The company has also said in the past that data might not have come from its servers, instead possibly stolen from numerous other platforms the users had uploaded them to.

P2P payment apps have grown in popularity, with third-party solutions like Venmo and CashApp becoming wildly popular. But with that comes a new level of security concerns, with fraudsters utilizing a number of schemes in order to intercept payments or fool the users of the app into to paying them directly. As the apps have grown in popularity, this issue has only become worse — the number of P2P fraud victims has increased by 733 percent since 2016.

With the pandemic making fraud more ubiquitous, apps have to take charge as well as users, requiring things like MFA, which makes users enter in secondary validation measures, including emailed security codes or biometric fingerprint scans in addition to passwords.