Indian e-Payments App Exposes More Than 7 Million Users in Massive Data Breach
Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a massive amount of incredibly sensitive financial data connected to India’s mobile payment app Bharat Interface for Money (BHIM) that was exposed to the public.
According to a vpnMentor report, the website was being used in a campaign to sign large numbers of users and business merchants to the app from communities across India. All related data from this campaign was being stored on a misconfigured Amazon Web Services S3 bucket and was publicly accessible.