Experts Reacted On Payment Processor Juspay Leaks 100 Mil+ Cardholders’ Data

Cybersecurity researcher Rajshekhar Rajaharia disclosed the discovery of a breach of Juspay revealing the data of over 100 million credit and debit card users, including their full names, phone numbers, email addresses, and the first and last four digits of their cards. E-merchants such as Amazon use its payments services.

Experts Comments

January 05, 2021
Saryu Nayyar
CEO
Gurucul

The Juspay breach shows that 2021 is starting off Business as Usual for malicious actors, with long dwell times between intrusion and discovery.  While some of the data in this breach were obfuscated, there is a very real possibility that the attackers could overcome the obfuscation.  Even if they don't, the stolen information could be used for sophisticated social engineering or spear-phishing attacks.

 

Perhaps the biggest concern is the dwell time.   The breach happening mid-August 2020 and

.....Read More

The Juspay breach shows that 2021 is starting off Business as Usual for malicious actors, with long dwell times between intrusion and discovery.  While some of the data in this breach were obfuscated, there is a very real possibility that the attackers could overcome the obfuscation.  Even if they don't, the stolen information could be used for sophisticated social engineering or spear-phishing attacks.

 

Perhaps the biggest concern is the dwell time.   The breach happening mid-August 2020 and only being reported now, indicates there may have been some gaps in Juspay's security stack or their security operations process.

 

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.