Data Breach of Indian Brokerage Firm Upstox

Upstox, one of the largest discount broking firms, recently suffered a security breach of its systems, resulting in the disclosure of its customers’ sensitive information. Though the exact number is not clear, data of at least 25 lakh customers was breached. The leaked data includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents extracted from the company’s server.

The breach was first disclosed by independent researcher Rajshekhar Rajaharia on April 11.

Cause of data breach: A misconfigured AWS server, which led to unauthorized access to the database, along with a lack of security enhancements at its third-party data warehouses.

Upstox has stated that it has now initiated a secure password reset via OTP. The broking house has also immediately restricted access to the impacted database, added multiple security enhancements at all third-party data warehouses, set up real-time 24×7 monitoring and ring-fenced the network.

SEBI mandate:

  • The Securities and Exchange Board of India (SEBI) has made it compulsory for all market intermediary institutions, such as exchanges, depositories and brokerages, to adhere to its guidelines from April 1, 2019.
  • It has asked exchanges and brokerages to identify critical IT assets and risks; protect these assets by deploying suitable controls, tools and measures; detect incidents, anomalies and attacks through appropriate monitoring tools/processes; respond by taking immediate steps after identification of the incident, anomaly or attack; and recover through incident management and other appropriate recovery mechanisms.
  • SEBI, in its annual report for 2019-20, has acknowledged the threat of cyber-attacks that could compromise the confidentiality, integrity and availability of computer systems, networks and databases in the market’s ecosystem.
  • Though Upstox was quick to address and fix the issue, the incident also served as a wake-up call to all intermediaries and market infrastructure institutions to strengthen their cyber security teams.

Source: The Hacker News

Remediation:

  1. Update your Upstox account’s password.
  2. Enable multifactor authentication on your Upstox profile.