In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive “know your customer” information was also exposed including scans of bank statements, cheques and identity documents complete with Aadhaar numbers.

Domain Entries Date Breached Hashing Privacy acknowledged? 111,002 2021-04-08 bcrypt Public No

Information leaked

Bank account numbers, Dates of birth, Email addresses, Family members' names, Genders, Government issued IDs, Income levels, Marital statuses, Nationalities, Occupations, Passwords, Phone numbers, Physical addresses

Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.