700K Moneycontrol User Records for Sale on the Dark Web

Published 29 April 2021


  • CloudSEK’s XVigil discovered a post advertising the information of 700K records of Moneycontrol users
  • The leaked data includes users' email address, password, phone number, gender, date of birth, etc.

Share this Threat Intel:

 

Category
Adversary Intelligence
Affected Industries
Media
Affected Data Fields
Email, Password, Country, Phone, Mobile, Pincode, DOB, Gender, Address, City, State

 

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a surface web database marketplace, advertising 700K records of Moneycontrol users containing their personal information. Moneycontrol is a popular Indian business news website owned by E-EIGHTEEN.com Ltd., a subsidiary of the media house TV18.

The post was published on 26 April 2021 exposing the personal information of 700K users. The threat actor responsible has been active on the forum since 2018 and has a high reputation.

Moneycontrol Post

The Contents of the Leak

The leaked database contains users’ data in the following schema:

  • user_email
  • user_pwd
  • user_country
  • user_phone
  • user_mobile
  • user_pincode
  • user_dob
  • user_gender
  • user_address
  • user_city
  • user_state

Data Verification and Validation 

Using public sources we were able to verify various fields in the leaked data. The passwords that are a part of the leak are provided in clear text.

Moneycontrol Samples

Current Impact

  • The leaked records contain users’ information, that can be leveraged to carry out social engineering attacks.
  • The data can also be used to orchestrate other forms of targeted attacks.

General Recommendations

  • Use strong passwords
  • Enable multi-factor authentication for all online accounts
  • Don’t share OTPs with third-parties
  • Review online accounts and financial statements periodically
  • Regularly update apps and other software

Be informed in your Inbox

Sign up now to our Threat intelligence Newsletter and be the first to know about threats first in your inbox.

Join the Discussions

Discuss your way into our Community about these threats and stay Vigilant and informed.