ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Moneycontrol Data Breach

moneycontrol.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 762,874
Breach date 07 Sep 2017
Added to tracker 22 May 2021
Data classes 5

What happened

In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763 thousand unique email addresses (allegedly a subset of a larger 40 million account breach), alongside geographic locations, phone numbers, genders, dates of birth and plain text passwords. The date of the original breach is unclear, although the breached data indicates the file was created in September 2017 and Moneycontrol has stated that the breach is "an old data set".

Exposed data

Email addresses Genders Geographic locations Passwords Phone numbers

Recommended actions

  • Change your Moneycontrol password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Moneycontrol — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP