|###### Category||Adversary Intelligence|
|###### Affected Industries||Media|
|###### Affected Data Fields||Email, Password, Country, Phone, Mobile, Pincode, DOB, Gender, Address, City, State|
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a surface web database marketplace, advertising 700K records of Moneycontrol users containing their personal information. Moneycontrol is a popular Indian business news website owned by E-EIGHTEEN.com Ltd., a subsidiary of the media house TV18.
The post was published on 26 April 2021 exposing the personal information of 700K users. The threat actor responsible has been active on the forum since 2018 and has a high reputation.
The leaked database contains users’ data in the following schema:
Using public sources we were able to verify various fields in the leaked data. The passwords that are a part of the leak are provided in clear text.
- The leaked records contain users’ information, that can be leveraged to carry out social engineering attacks.
- The data can also be used to orchestrate other forms of targeted attacks.
- Use strong passwords
- Enable multi-factor authentication for all online accounts
- Don’t share OTPs with third-parties
- Review online accounts and financial statements periodically
- Regularly update apps and other software