Thousands of Indian bank transfer records were found online

Revealing data spill from a cloud server that is not guaranteed to hundreds of thousands of sensitive bank transfer documents in India, revealing the numbers of accounts, transactions numbers and details of communication with individuals.

Researchers at Cyblessecacity discovered Upguard in late August a possible storage server by Amazon, which contains 273,000 PDF documents related to bank transfers for Indian customers.

The exposed files contained complete transaction models dedicated to processing across the National Clearing House, or Nach, a Central system Banks use them in India to facilitate large -sized repeated transactions, such as salaries, loan payment and utilities payments.

The researchers told Techcrunch: The data has been linked to at least 38 banks and financial institutions.

It is not clear why the data was left publicly exposed and available to the Internet, although security lapses of this type are not uncommon due to poor formation and human error.

But it is still unclear who caused the data leakage that he obtained, and it is eventually responsible for alerting those who have been exposed to their personal data.

The data has been secured, but no one accepts the blame

in Blog post In detail the results, researchers at Upguard said that among a sample of 55,000 documents, more than half of the files mentioned the name of the Indian lender Aye financingThat was I submitted for the public subscription of $ 171 million last year. The state -owned Indian Bank of State was the next institution that appears to be hesitant in the sample documents, according to researchers.

After discovering the open data, the researchers at Upeguard Aye Finance informed the email addresses of its companies and customer service and grievance. The researchers also alerted the National Payments Foundation in India, or NPCI, the governmental body responsible for the NACH administration.

By early September, the researchers said the data is still exposed and that thousands of files were added to the open servant daily.

Upguard said it alerted the response team to India, Cert-in. Soon after, the open data was secured, according to Techcrunch.

But it seems that no one wants to take responsibility for the security break.

When it was reached for the comment, NPCI ANKUR Dahiya Techcrunch told the open data that did not come from its systems.

The spokesman said in an e -mail sent to Techcrunch:

Aye Finance, founder and executive director of Aye Finance, Sanjay Sharma, did not respond to a comment from Techcrunch. Also, the State Bank in India did not respond to the request.