Despite increase in security, hackers and threat actors worldwide always seem to find a way around safety measures. From conglomerates to banks, no target is too big a target for them. The impact of the damages cost may be in millions or in some cases even in billions.
Cyble came across a DarkWeb post where a threat actor claimed to be in possession of user data from BharatMatrimony.com. Bharat Matrimony caters to a considerable customer base beyond India. The company has offices in India, Dubai, Sri Lanka, United States and Malaysia.
This illegal possession includes the database of BharatMatrimony along with other matrimony sites such as EliteMatrimony. Close to 3+million unique lines of emails and passwords in clear text format are involved.
The threat actor alleged to have exploited an SQL Injection vulnerability on their platform and leveraged that to extract their databases and users records. The actor is actively selling the database in various cybercrime forums for as low as USD 500 equivalent Bitcoins and has also revealed information such as server details of BharatMatrimony along with the list of all 46 databases.
According to the threat actor, the issue has been fixed
The details of the database named as โmatrimonymsโ lists all attributes related to sensitive user information which are available for sale.
The list contains information such as:
- Contact numbers
- Login credentials
- Family details
- Caste details
Cyble contacted Bharat Matrimony for their comments. Sharing the response below –
โWe are aware of a security issue that has been reported to us recently. As per our investigation, there has been no breach of our current active database of customers. What has been reported belongs to an old database and no sensitive information has been compromised, as we continue to follow highest order of industry encryption for our customers.
Security is a high priority focus area which is continuously monitored through technology advancements and interventions. We assure you that we remain 100% committed to it.โ
People whoโre concerned about their information exposure can register on Cybleโs AmiBreached.com platform to ascertain the risks. Also, android users (Link) and iOS users (Link) can gain full access to AmiBreached platform by downloading the mobile application.
We recommend people to:
- Never share personal information, including financial information over the phone, email or SMSs
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
- People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.
About Cyble
Cybleโฏis a globalโฏthreat intelligenceโฏSaaSโฏprovider that helps enterprises protect themselvesโฏfrom cybercrimesโฏandโฏexposure in theโฏdarkweb.โฏCybleโs prime focusโฏis to provide organizations with real-time visibility into their digital riskโฏfootprint.โฏBacked by Y Combinator as part of the 2021 winter cohort,โฏCybleโฏhasโฏalsoโฏbeen recognized by Forbes as one of the top 20 Best CybersecurityโฏStartupsโฏTo Watch In 2020.โฏHeadquartered inโฏAlpharetta, Georgia,โฏand withโฏoffices inโฏAustralia, Singapore, andโฏIndia,โฏCybleโฏhas a global presence.โฏTo learn more aboutโฏCyble, visitโฏwww.cyble.io.โฏโฏโฏย
