Amazon Payment Processor Leaked Data of 100M Cardholders

Image containing the words “data breach”

Juspay, a payment processor for Amazon, MakeMyTrip, Swiggy, and others, has reported a data breach that leaked the data of over 100 million credit and debit cardholders.

Juspay Data Breach

The breach occurred on August 18, 2020, and leaked data includes “non-sensitive” masked card information, card expiry information, phone numbers and email addresses. Full card numbers, order information, card PINs, and passwords were not leaked. Security researcher Rajshekhar Rajaharia found the data dump on the dark web for sale.

Don’t miss the best of The Mac Observer

Set us as a preferred source and our Apple reporting ranks higher in your Google Search results and Discover feed — one tap, no account changes.

Or get it by email

Mr. Rajaharia told Business Insider that Juspay only masked six out of sixteeen digits for card numbers. While this is good, the rest of the data could be exposed if the hackers can reverse-engineer Juspay’s hashing algorithm.

Discussion

1 comment
Join the discussionCommenting as a guest — your email is never published · Log in

Protected by Akismet — be kind, stay on topic.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. MacHeritage Subscriber 6 years ago

    So this must be how “Mexico” got my CC late last year. I only had my card with a few large companies including Apple, Amazon and PayPal and none of my accounts were hacked. This now makes sense.

    Reply