Cyber Incident Victim: Juspay.in
Date:
Dec 2020
Location:
India
Summary
A data breach broker marketed stolen user records from Juspay.in alongside 25 other companies, totaling 368.8 million compromised accounts. The company's alleged breach involved 100 million user records, which were listed for sale on a hacker forum as part of a larger dataset. This incident occurred among multiple previously undisclosed breaches, though Juspay's compromise had been publicly acknowledged prior to the broker's advertisement. While specific data types for the company weren't detailed in this listing, the broader incident highlighted widespread unauthorized access to customer information across numerous organizations. The broker's activities demonstrated coordinated efforts to monetize stolen datasets through underground markets.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In December 2020, a data breach broker advertised the sale of 368.8 million user records allegedly stolen from 26 companies on a hacker forum, including Juspay.in. The broker’s listing specified that Juspay.in’s dataset contained 100 million user records, marking it as one of the largest breaches among the affected organizations. This incident was part of a broader campaign where threat actors collaborated with brokers to monetize stolen data through dark web marketplaces. Juspay.in’s breach had been previously disclosed, distinguishing it from eight newly exposed companies in the broker’s portfolio. The broker categorized the datasets by volume and pricing, though Juspay.in’s specific sale price was not detailed in the forum post. BleepingComputer verified the legitimacy of historical breaches through prior disclosures linked in the broker’s table, confirming Juspay.in’s inclusion in earlier breach reports. The scale of the combined datasets—spanning e-commerce, fitness, education, and other sectors—highlighted the operational efficiency of data brokerage networks in facilitating large-scale cybercrime.
The exposure of Juspay.in’s user records occurred alongside high-profile breaches such as BigBasket (20 million records) and Netlog (53 million records), though the article did not specify the exact data types compromised in Juspay.in’s case. No statement from Juspay.in was included in the article, unlike responses from MyON and Chqbook, which either confirmed breaches or denied involvement. BleepingComputer noted that historically, such broker listings tended to be legitimate, often prompting eventual disclosures by affected companies. The article advised users of all listed platforms, including Juspay.in, to reset passwords as a precautionary measure, though it did not cite any confirmed malicious use of Juspay.in’s data at the time of reporting. The incident underscored the persistent challenges of securing user data against coordinated theft and resale operations targeting multiple industries simultaneously.