Upstox alerts users of potential data breach, says funds and securities are safe

Retail broking firm Upstox on Sunday disclosed that its databases containing user details might have been breached, adding that it had taken steps to mitigate the issue, inform the authorities and improve its existing security systems.

By: HT TECH
| Updated on: Aug 21 2022, 16:34 IST
The company says it has strengthened its existing systems.
The company says it has strengthened its existing systems. (Pixabay)

Brokerage firm Upstox on Sunday disclosed that its databases containing user details might have been breached, adding that it had taken steps to mitigate the issue, inform the authorities and improve its existing security systems. The revelations come shortly after another startup reportedly suffered a data breach involving millions of user's personal information.

In an announcement made on the company's website on Sunday, the company stated that it had received information that its database had been accessed without authorisation and that these databases included user's contact information and their KYC information. However, the company stated that all of their clients' funds were protected and not affected by the breach. The incident was first reported by the Economic Times

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Also read: Data breaches can impact a brand's relative strength and here's what's at peril

Also read
Looking for a smartphone? To check mobile finder click here.

“We have upgraded our security systems manifold recently, on the recommendations of a global cyber-security firm. We brought in the expertise of this globally renowned firm after we received emails claiming unauthorized access into our database,” the company posted on its website. It also said that client funds could only be moved to a linked bank account and that securities were held with the relevant depositories.

The company says it has strengthened its existing systems by immediately restricting access to the impacted database, adding multiple security enhancements at all third party data-warehouses, setting up real-time 24x7 monitoring, and adding additional ring-fencing to the network. “As a matter of abundant caution, we have also initiated a secure password reset via OTP,” the company said.

Read more: MobiKwik says it is probing data breach claims

The company said it is also scaling up its bug bounty program “to encourage ethical hackers” to “stress-test its systems and protocols” and “help it identify any vulnerabilities” from time to time. The company said it had already reported the incident to the authorities and advised customers to follow secure practices like using strong passwords, never sharing OTPs, and watch out for unauthorised OTPs, while checking the legitimacy of links and senders.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 11 Apr, 22:37 IST
NEXT ARTICLE BEGINS