As the world is fighting a war against one of the deadly viruses of the millennium and all the Governments are trying their best to keep citizens safe; Same way, all Organizations are fighting a war in the digital world, where they are trying their best to keep the customer information safe.
As Organizations are taking every possible precaution; A rash decision to implement a service quickly over the internet could cause a greater loss without secure configuration of the service.
Recently, Cyble Research Unit (CRU) identified a credible actor with the alias ‘South Korea’ aka ‘John Wick’ who breached SquareYards, Sumo Payroll, and Stashfin. The breaches occurred in early 2020.
Square Yards – Real Estate E-commerce website having 6000 realty projects of around 500 developers across 10 countries – India, UAE, Hong Kong, Singapore, London, Australia, Qatar, Oman, United States, and Canada. The company has raised over 70M USD in funding from known investors such as Reliance Group and Lohia Group.
Sumo Payroll – Top leading cloud-based hr & payroll management software providing features such as Compensation history, Bank Direct Deposits, IT savings declaration, eTDS filling and many other services
Stashfin – A digital lending venture that provides quick personal loans with a 250k+ strong customer base. The company has raised over 30M USD in venture funding thus far.
Given the sensitivity of the matter, Cyble researchers investigated further and acquired the database records along with the structure of the database.
Critical information gathered after analysis –
- Square Yards – Bookings made by customers along with their Full name, Full Address, DOB, PAN, Email, Phone, Country code, Nationality.
Employee data such as Full name, email ID, password, Mobile number, address
- Sumo Payroll – Details of companies and their employees listed with Sumo Payroll information such as – Organization name, employee name, PAN card, Aadhaar Card, Bank details
- Stashfin – Settlement documents, address proof such as Aadhaar card, PAN card, Legal documents, salary slips
Cyble has been reporting these types of breaches to aware individuals of the risks associated with using online services. On this instance, Cyble coordinated the breach through CERT-India.
As soon as our research team identified this leak, the data was instantly acquired and indexed on our data breach monitoring and notification platform, AmiBreached.com – people who’re concerned about their information exposure can register on the platform to ascertain the risks.
We recommend people to:
- Never share personal information, including financial information over the phone, email or SMSs
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
- People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.
Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence.
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020.