{"id":692459,"date":"2025-09-28T14:45:21","date_gmt":"2025-09-28T11:45:21","guid":{"rendered":"https:\/\/buradabiliyorum.com\/en\/thousands-of-indian-bank-transfer-records-found-spilling-online-after-security-lapse\/"},"modified":"2025-09-28T14:45:21","modified_gmt":"2025-09-28T11:45:21","slug":"thousands-of-indian-bank-transfer-records-found-spilling-online-after-security-lapse","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/thousands-of-indian-bank-transfer-records-found-spilling-online-after-security-lapse\/","title":{"rendered":"Thousands of Indian bank transfer records found spilling online after security lapse"},"content":{"rendered":"<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">A data spill from an unsecured cloud server has exposed hundreds of thousands of sensitive bank transfer documents in India, revealing account numbers, transaction figures, and individuals\u2019 contact details.<\/p>\n<p class=\"wp-block-paragraph\">Researchers at cybersecurity firm UpGuard discovered in late August a publicly accessible Amazon-hosted storage server containing 273,000 PDF documents relating to bank transfers of Indian customers.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">The exposed files contained completed transaction forms intended for processing via the National Automated Clearing House, or NACH, a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.npci.org.in\/what-we-do\/nach\/product-overview\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">centralized system<\/a> used by banks in India to facilitate high-volume recurring transactions, such as salaries, loan repayments, and utility payments.<\/p>\n<p class=\"wp-block-paragraph\">The data was linked to at least 38 different banks and financial institutions, the researchers told TechCrunch.<\/p>\n<p class=\"wp-block-paragraph\">The spilling data was eventually plugged, but the researchers said they could not identify the source of the leak.<\/p>\n<p class=\"wp-block-paragraph\">Following the publication of this article, Indian fintech company Nupay reached out to TechCrunch by email to confirm that it \u201caddressed a configuration gap in an Amazon S3 storage bucket\u201d that contained the bank 
transfer forms.<\/p>\n<p class=\"wp-block-paragraph\">It\u2019s not clear why the data was left publicly exposed and accessible to the internet, though security lapses of this nature are not uncommon due to human error.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-data-secured-nupay-blames-configuration-gap\"><span class=\"ez-toc-section\" id=\"Data_secured_Nupay_blames_%E2%80%98configuration_gap\"><\/span>Data secured, Nupay blames \u2018configuration gap\u2019<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"wp-block-paragraph\">In <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.upguard.com\/breaches\/india-bank-transfers-data-leak\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">its blog post<\/a> detailing its findings, the UpGuard researchers said that out of a sample of 55,000 documents that they looked at, more than half of the files mentioned the name of Indian lender Aye Finance, which had filed for a $171 million IPO last year. The Indian state-owned State Bank of India was the next institution to appear by frequency in the sample documents, according to the researchers.<\/p>\n<p class=\"wp-block-paragraph\">After discovering the exposed data, UpGuard\u2019s researchers notified Aye Finance through its corporate, customer care, and grievance redressal email addresses. The researchers also alerted the National Payments Corporation of India, or NPCI, the government body responsible for managing NACH.<\/p>\n<p class=\"wp-block-paragraph\">By early September, the researchers said the data was still exposed and that thousands of files were being added to the exposed server daily.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">UpGuard said it then alerted India\u2019s computer emergency response team, CERT-In. 
The exposed data was secured shortly after, the researchers told TechCrunch.<\/p>\n<p class=\"wp-block-paragraph\">Despite this, it remained unclear who was responsible for the security lapse. Spokespeople for Aye Finance and NPCI denied that they were the source of the data spill, and a spokesperson for the State Bank of India acknowledged our outreach but did not provide comment.<\/p>\n<p class=\"wp-block-paragraph\">Following publication, Nupay confirmed that it was the cause of the data spill.<\/p>\n<p>Nupay\u2019s co-founder and chief operating officer, Neeraj Singh, told TechCrunch that a \u201climited set of test records with basic customer details\u201d was stored in the Amazon S3 bucket and claimed \u201ca majority were dummy or test files.\u201d<\/p>\n<p class=\"wp-block-paragraph\">The company said its Amazon-hosted logs \u201cconfirmed that there has been no unauthorized access, data leakage, misuse, or financial impact.\u201d<\/p>\n<p class=\"wp-block-paragraph\">UpGuard disputed Nupay\u2019s claims, telling TechCrunch that only a few hundred of the thousands of files its researchers sampled appeared to contain test data or had Nupay\u2019s name on the forms. 
UpGuard added that it was unclear how Nupay\u2019s cloud logs can allegedly rule out any access to Nupay\u2019s then-public Amazon S3 bucket, given that Nupay has not asked UpGuard for its IP addresses that were used to investigate the data exposure.<\/p>\n<p class=\"wp-block-paragraph\">UpGuard also noted that details of the Amazon bucket were not limited to its researchers, as the address of the public Amazon S3 bucket had been indexed by Grayhatwarfare, a searchable database that indexes publicly visible cloud storage.<\/p>\n<p class=\"wp-block-paragraph\">When asked by TechCrunch, Nupay\u2019s Singh did not immediately say how long the Amazon S3 bucket was publicly accessible to the web.<\/p>\n<p class=\"wp-block-paragraph\"><em>First published on September 25 and updated with new information from Nupay. <\/em><\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2025\/09\/26\/thousands-of-indian-bank-transfer-records-found-online\/\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A data spill from an unsecured cloud server has exposed hundreds of thousands of sensitive bank transfer documents in India, revealing account numbers, transaction figures, and individuals\u2019 contact details. 
Researchers at cybersecurity firm UpGuard discovered in late August a publicly accessible Amazon-hosted storage server containing 273,000 PDF documents relating to bank transfers of Indian customers.\u00a0&#8230;<\/p>\n","protected":false},"author":1,"featured_media":692460,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/09\/india-cash-money-transfers-2232346772.jpg?resize=1200,800","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[70375,158849,71006,17318,72287],"class_list":["post-692459","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-cybersecurity","tag-data-exposure","tag-fraud","tag-india","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/692459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=692459"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/692459\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/692460"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=692459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=692459"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=692459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}
]}}