Impact Guru

Impact Guru operates as a crowdfunding platform that enables individuals and organisations to raise funds for non‑governmental organisations and social causes. The service is headquartered in India and is designed to support fundraising campaigns that can reach donors across multiple countries. Users create campaign pages, set funding goals, and share them through social media and other channels to attract contributions. The platform processes the financial transactions associated with these campaigns, handling payments in various currencies. By focusing on the nonprofit sector, Impact Guru positions itself as a facilitator of philanthropic giving rather than a commercial investment venue.

Prior to the July 2020 incident, the platform had already processed substantial financial transactions for campaigns operating in several jurisdictions, indicating a notable international footprint. The breach disclosed in July 2020 exposed over 500,000 user records, demonstrating that the service had accumulated at least that many registered accounts at the time. Compromised data included personally identifiable information such as PAN and Aadhar numbers, banking details for more than 8,000 users, and chat histories, which underscores the breadth of information stored by the platform. Researchers validated the breach by analysing the leaked database structure and confirming samples obtained from dark‑web forums. The incident highlighted security misconfigurations in the platform’s internet‑facing systems that allowed threat actors to access internal databases. These facts collectively illustrate both the scale of Impact Guru’s user base and the sensitivity of the data it manages.