Angel One, a popular Indian stock broking firm, reported a data breach on Friday, April 21, 2023, which led to the exposure of sensitive personal information of many of its users. The company detected the data breach after it received emails claiming unauthorised access of client data.
Following the discovery, Angel One immediately notified the regulatory bodies and informed its clients about the breach. However, the company did not specify the number of users affected or the reason for the leak.
Angel One confirmed that the breach did not affect client securities, funds, or credentials. It added that all client accounts were secure, and it had taken measures to identify the source of the breach and strengthen its infrastructure to prevent further breaches. Angel One also stated that client login credentials were stored in an encrypted format in its systems and were not compromised.
The company went on to assure impacted users that the leaked data could not be used for any transactions. Additionally, Angel One deployed two-factor authentication for user identification, including verification by one-time password and a PIN code, further protecting user accounts.
Angel One’s shares fell 1.28% on the BSE following the announcement. However, the company has been posting healthy financial numbers despite market headwinds, with a 31% YoY growth in net profit to INR 205 Cr in the fourth quarter of FY23 and a 21.2% YoY increase in revenue to INR 826 Cr.
This incident is the latest in a series of data breaches affecting Indian companies and startups. Cyber crimes have been on the rise in India in recent years, with many companies experiencing data breaches. Earlier this week, online furniture rental startup RentoMojo also reported a data leak, and in March, at-home salon startup Yes Madam exposed the personal sensitive data of hundreds of thousands of customers and gig workers due to a server-side misconfiguration. In February, a data breach at train ticketing platform RailYatri exposed the data of over 31 Mn customers.
Angel One’s breach highlights the need for Indian companies to strengthen their cybersecurity measures and protect their customers’ sensitive information. The Indian government has taken several initiatives to promote cybersecurity awareness and strengthen the country’s cybersecurity infrastructure. However, companies must take proactive steps to implement strong security protocols and keep their customers’ data safe from cyber attacks.