Upstox, an India-based stock trading platform, has disclosed that it fell victim to a major security data breach and immediately notified its clients.

The breach has compromised data, including contact information, date of birth, financial information, names, and millions of KYC (Know Your Customer) details of Upstox customers. Nevertheless, the users were told that their funds and securities are protected and remain safe.

As stated by Upstox, they received various emails requesting unauthorized access into their database from a warehouse situated at a third-party facility.

The cybercriminals even posted a sample of the compromised data on the dark web on Monday morning.

Following the data breach, security on all of its servers has been increased, the India-based company declared. It also said that it has put several security protocols in place, especially at third-party warehouses. These include real-time non-stop surveillance and extra ring-fencing of its network.

For its users, the company has also initiated a secure password reset via OTP.

“We would like to assure you that your funds and securities are protected and remain safe. Funds can only be moved to your linked bank accounts and your securities are held with the relevant depositories. As a matter of abundant caution, we have also initiated a secure password reset via OTP.”


It is believed that all the KYC (Know Your Customer) information was stolen by the ShinyHunters gang after they obtained access to the company’s Amazon AWS key.

Who Are the ShinyHunters?

ShinyHunters is a criminal black-hat hacker group associated with multiple data breaches. The stolen information is often sold on the dark web. The gang is behind various hacking attacks involving top Indian organizations, such as Bigbasket, BuyUcoin, and JusPay.

The hackers have also divulged 19 lakh user records stolen from the free online photo editing application Pixlr.

As stated by security researcher Rajshekhar Rajaharia, the hackers were attempting to get a ransom payment from Upstox for the stolen data.

At the moment, there is no indication of the scale of the data leak since Upstox (with over three million users) doesn’t know the number of customers whose data has been exposed.

The organization declares it has temporarily deactivated its desktop trading platforms, NEST trader terminal, Dartstock & Fox Trader, and recommends trading via its website.

Upstox also urges its users to use new passwords that are unique and strong and advises them not to share their OTP (one-time password) code with anyone.

Following the data breach incident, the users were reminded that the Indian stock trading firm Upstox takes customers’ security and privacy “very seriously.”
