Upstox is the leading discount broker in the country. Upstox was formerly known as RKSV technologies. Upstox is backed by some of the top investors in the country which include Tiger Global and Ratan Tata. The company has nearly 30 Lakh users making it the second-largest stockbroker in the country.
Over the last few years, Upstox has increased its client base and ramped up its operations because of the easy availability of Smart Phones and cheap data prices. Recently Upstox had signed up with the Board of Cricket in India to be one of the sponsors of the Indian Premier League (IPL)
The company has announced and passed on an alert to their customer of the data breach. Let’s look at the further details of the data breach.
How Upstox suffered a Data breach
Measures taken by Upstox
Measures taken by Upstox for the customers
Funds and Securities of the customers
FAQ
How Upstox suffered a Data breach
Retail broking firm and one of the leading discount brokers of the country Upstox had alerted its customers that there has been a data breach in the company. They have told that details such as contact data and KYC details of the customers have been breached.
A spokesman of the company through an email statement had said that the hackers’ group has put the sample of the data on the Dark Web. The spokesman of the company added on saying that for now, the company is not exactly sure about the certainty of the number of customers whose data has been exposed.
It is estimated that around 25 lakhs of its customers KYC data and contact numbers have been gained access by the hackers. This incident has happened in the midst of data breaches in some of the leading domestic companies and global giants such as LinkedIn, Facebook and Mobikwik.
Measures taken by Upstox
The company has said that they had received receipts of emails that claimed unauthorized access to their databases. In response to it, the company has appointed a leading international cyber-security firm that will investigate the possibilities of the data breach of KYC details of customers. They would investigate on the KYC data stored in third-party data warehouse systems.
The spokesman of the company has added that as a proactive measure the company has taken steps to initiate multiple security enhancements which will particularly concentrate on the third-party warehouses.
The company has also taken steps to increase real-time monitoring to 24/7 and adding an additional ring-fencing to its network said the spokesman of the company.
He added that the company has ensured to restrict the access to the databases which has impacted in the breach. The company has also added multiple security enhancements at all third-party warehouses.
Upstox has taken measures to speed up its bug bounty programme to encourage the ethical hackers to stress-test its systems and protocols. This is a step taken by the company where it makes ethical hackers to hack into their systems to understand the vulnerabilities and identify the problems in the safety of the company’s data. This activity will be undertaken from time to time in regular intervals.
Measures taken by Upstox for the customers
The company has taken an abundant caution towards the security of the customers. The company has taken the initiative to provide a secured password reset through OTPs for all its customers. The company has said that they take the safety of customers very seriously.
The CEO of the company Ravi Kumar has said that this time the company has strongly fortified its systems to the most highest standards to ensure higher safety.
The company has always made the customers to use unique passwords that are strong. They have ensured that the customers would change their passwords in regular intervals and stressed on not to share their OTPs with anyone.
The company has said that it has also taken steps to warn the customers about the online frauds and to double-check the legitimacy of the links and senders. They have asked the customers to keep a check on the OTPs they receive and the ones they have requested.
Upstox has always asked its customers to report and alert the service providers if they notice such activities.
Funds and Securities of the customers
The spokesperson of Upstox has said that, the funds and securities of all Upstox customers are safe and have been protected by the company.
Ravi Kumar who is the CEO and Co-founder of the company has also tweeted about it saying that funds and securities of the customers are protected and kept safe by the company.
FAQ
Is Upstox funded by Ratan Tata?
Yes. Upstox is an online discount stock broker backed by funding from Mr. Ratan Tata. He held 1.33% stake in the company As of Jan 2020.
Who is owner of Upstox?
Founders of RKSV Securities (Changed to Upstox Later) are Ravi Kumar, Raghu Kumar and Shrinivas Viswanath are the owner of Upstox.
Is Upstox SEBI registered?
Yes, It is registered with the Securities & Exchange Board of India (SEBI) as a stock broker.
Conclusion
These are the steps taken by Upstox regarding their data breach.
Author: Alan Joseph
Source : https://startuptalky.com/upstox-data-breach-case-study/
Date : 2021-04-13T05:57:13.000Z