Threat Actors Allegedly Claiming Breach NoBroker Data

The hacking group known as Kill Security has claimed responsibility for breaching the data of NoBroker, a prominent Bangalore-based prop-tech company.

This claim, which emerged on social media, has raised concerns regarding the security of personal data managed by NoBroker, a platform known for facilitating brokerage-free real estate transactions in India.

Details of the Alleged Breach

According to reports from HackManac, the breach involves the exfiltration of sensitive personally identifiable information (PII) from NoBroker’s databases.

The compromised data reportedly includes users’ names, addresses, and permanent account numbers (PANs).

Additionally, financial data related to stamp duty and registration fee transaction amounts have allegedly been accessed.

The hacking group claims to have obtained legal agreements concerning non-residential property usage and consent forms for Aadhaar-based verification, including biometric data.

The potential exposure of such sensitive information poses a significant risk to affected individuals, as it could lead to identity theft and financial fraud.

The inclusion of biometric data in the breach is particularly alarming due to its immutable nature and potential misuse.

Ransom Demand and Company Response

Kill Security has reportedly demanded a ransom of $50,000 in exchange for not releasing the stolen data.

As of now, NoBroker has not publicly confirmed the breach or responded to the ransom demand.

The company is expected to conduct an internal investigation to verify the claims and assess the extent of any potential data compromise.

Cybersecurity experts emphasize that paying ransomware does not guarantee that stolen data will not be leaked or sold on dark web marketplaces.

They advise companies to focus on strengthening their cybersecurity measures and cooperating with law enforcement agencies to address such threats.

If confirmed, this breach could have far-reaching implications for both NoBroker and its users.

Customers whose data may have been compromised are advised to monitor their financial accounts closely and report any suspicious activity immediately.

As digital platforms increasingly handle sensitive user data, ensuring its protection against cyber threats becomes paramount.

Also Read: