Part two of a three-part analysis of major cyber attacks in India continues from Part 1. The pattern across these incidents is consistent: credential theft, weak second factors, and unhardened privileged access. AmbiSecure aims to protect connected systems against cybercrime.
Major Breaches Detailed
SBI Data Breach
State Bank of India's unsecured server exposed "three million text messages sent to customers" through SBI Quick, revealing account balances and recent transactions.
Domino's India Incident
A hacker offered 13 TB of data including "180 million Domino's India pizza orders" along with customer names, phone numbers, and email addresses for 10 bitcoin. Jubilant Food Works acknowledged the breach but stated customer financial information wasn't compromised.
Upstox Trading Platform
The platform reset passwords after a breach report involving "know-your-customer (KYC) data" held in a third-party warehouse.
Police Exam Database
"Personally identifiable information of 500,000 Indian police personnel was put up for sale" containing names, mobile numbers, email IDs, birth dates, FIR records, and criminal histories.
COVID-19 Test Results
Patient test results became publicly accessible through Google indexing, showing names, birth dates, testing dates, and testing centers from government websites.
About AmbiSecure
AmbiSecure provides FIDO2 protocol support for password-less authentication, offering hardware-based security without requiring batteries or network connectivity.