EarlySalary, a Pune-based fintech startup has reported a security breach on its website in which the data of potential customers were compromised, including their names and mobile numbers. The company says that data of over 20,000 applicants have been compromised.
In an update related to this security breach, the company has said that the vulnerability has been fixed and the concerned law enforcement agency has been informed about the matter. The company said:
EarlySalary takes this breach very seriously. The vulnerability has been fixed and law enforcement has been informed. We are working with law enforcement to identify the IP source for this incident. We will further enhance security measures within our database and are working towards implementing PCIDSS certification to make the platform more secure. We will inform Pune Cyber Security Cell about this incident.
The company further adds that the core customer database, including all existing EarlySalary customer information including sensitive personal details and transactions has remained completely secure and was not impacted.
EarlySalary says that it has added additional security in apache to block threats. Further, the database credentials have been changed, and additional security blocks have been placed on the EarlySalary website.
The startup was founded in 2015 by Akshay Mehrotra and Ashish Goyal and has raised over $22 million in funding so far. It is a mobile-first lending platform that provides salary advances and instant cash loans based on a smart risk scoring system. It offers salary advances up to 50 percent of one’s monthly salary to its users.