Dark Web News Analysis
A dark web news report describes the alleged leak of a 10GB SQL database dump belonging to Click on Recharge, an Indian fintech and mobile recharge platform. The database reportedly contains over 9 million verified user entries. The exposed dataset is comprehensive, combining Personally Identifiable Information (PII) with Know Your Customer (KYC) data. Specific fields identified in the leak include full names, email addresses, verified mobile numbers, physical addresses, PAN card numbers, login IDs, sponsor IDs, user plans, user levels, and current wallet balances. The leak appears to be a direct dump from the backend and includes the full SQL schema of the production environment.
Key Cybersecurity Insights
The exposure of government-issued IDs alongside financial data creates a severe risk profile for the affected users:
- High-Value Data Breach: The presence of PAN card numbers significantly increases the severity of this breach. When combined with verified mobile numbers and names, this data is sufficient for committing sophisticated financial fraud, tax fraud, and full identity theft.
- SIM Swapping and Phishing Risks: The combination of verified mobile numbers and detailed personal profiles enables targeted SIM swapping attacks. Attackers can use the KYC data to convince mobile carriers to transfer a victim’s phone number to a new SIM, bypassing SMS-based Multi-Factor Authentication (MFA).
- Internal Database Structure Exposure: The leak includes the SQL schema of the production database. This provides attackers with a blueprint of the application’s internal logic and table relationships, potentially revealing further vulnerabilities for future exploitation.
- Timeline Discrepancy: While the leak is tagged with a 2025 date, the listing suggests it may be part of a broader collection spanning 2015 to 2025. This implies that both historical and current user data may be compromised.
Mitigation Strategies
To mitigate the high risk of financial fraud and identity theft, the following immediate actions are recommended:
- Compromised Credential Monitoring: Actively monitor for exposed credentials associated with Click on Recharge users to prevent “credential stuffing” attacks on other banking or email services.
- Enhanced User Authentication: Implement strong Multi-Factor Authentication (MFA) across all user accounts. Given the risk of SIM swapping, move away from SMS-based OTPs in favor of authenticator apps or hardware keys where possible.
- Phishing Awareness Training: Conduct comprehensive awareness campaigns for users, specifically warning them about SIM swapping indicators (e.g., sudden loss of signal) and targeted SMS phishing (smishing) that may reference their real wallet balances or PAN details.
- Data Breach Response Plan: Review and update the data breach response plan. Ensure it includes procedures for notifying users about the exposure of PAN numbers so they can take appropriate steps with tax authorities and credit bureaus.
Secure Your Business with Brinztech — Global Cybersecurity Solutions
Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com