Defunct CashMama, and Loan Zone, MeraLoan Leaking Customers' Sensitive Data, says Report

Personal identification information (PII) such as ID photos, loan agreements and other files exposing a wide variety of sensitive data such as full names, email addresses, national IDs, phone numbers, bank accounts containing more than 6.5 million files, totalling over 1TB of data, are being leaked from (now) instant loan app CashMama and three other apps associated with it, says a report.

The security team at SafetyDetetectives discovered a data breach affecting CashMama, which was left in an open form on Amazon’s S3 bucket. It says, “The bucket’s content included PII and sensitive data belonging to the customers of at least four instant loan apps: CashMama, Loan Zone (also known as Vayloan), MeraLoan, and an unidentified app. We observed a large amount of personal data that was collected for each app. We observed ten different file collections on the bucket. Each file collection was comprised of one or more folders that contained similar files. Each collection’s data relates to one of the instant loan apps on the bucket.”

According to SafetyDetetectives, the unidentified app’s data was stored under an app name, though it could not specify exactly which app this name referenced. “A small portion of files have an unknown origin — this data could’ve been collected for one of the loan apps mentioned, or, it could’ve been collected for a completely different instant loans app,” it says.

Founded in 2018 in Hyderabad, CashMama is now defunct after it was found to…

Categories

Most Popular

Crowdfunding tops investment scams list

Police warn residents about IRS phone scam | The Daily … – Daily Independent

IRS scam costing victims $15 million

LSU student government endorses scam increasing student fees by $1,600

Most Viewed

Scamming alert

Appeal denied!

Is Retirement a Scam?

The case against Liz Truss

12 Scams of Christmas

How To Pay Less For College

Defunct CashMama, and Loan Zone, MeraLoan Leaking Customers’ Sensitive Data, says Report

Director Banned for Fake Covid Loan Scam – Mirage News

ED Raids Former DCC Bank Manager’s House in Shivamogga Over ₹62 Crore Fake Gold Loan Scam – The Hindustan Gazette

Karnataka fake gold loan case: ED conducts raids in Shivamogga, Bengaluru – The Hans India

Leave Your Comment Cancel Reply

2,000 cr housing scam alleged inside Pallikaranai Ramsar site – Times of India

Top 8 IRS Scams: How to Spot Them and Fight Back – NerdWallet

IRS stimulus payment rumors heat up — could $2,000 be coming your way soon? – The Economic Times

Nearly 700 flee notorious scam center in Myanmar – Taipei Times

‘Land scam in IDCO industrial estate’: Lease misuse, unauthorised construction raise eyebrows – OdishaTv

Contact Info

Recent

National Cathedral project was a scam on Ghanaians — Elikem Kotoko – MyJoyOnline

Hundreds flee to Thailand after latest raid on Myanmar scam center – The Japan Times

What to Know About the Billion-Dollar Scam Center Industry – The New York Times

World News

Fresno Unified Scammed Out of $2.2 Million for Construction Projects – GV Wire

Subscribe

Categories

Most Popular

Most Viewed

Related Articles

Leave Your Comment Cancel Reply