In yet another reminder of the importance of cybersecurity in the financial sector, over 2.73 lakh Indian bank transfer records were recently exposed online due to a misconfigured cloud storage server.
The leak was discovered by security firm UpGuard, which found sensitive customer and banking information left publicly accessible on an Amazon Web Services (AWS) bucket.
What Was Exposed?
The leaked files contained:
- Names, phone numbers, and email addresses of customers
- Bank account numbers and transaction amounts
- NACH (National Automated Clearing House) mandate PDFs
In total, records from 38 banks and non-banking financial companies (NBFCs) were affected. Among the major institutions named:
- Aye Finance (responsible for nearly 60% of the exposed records)
- State Bank of India (SBI)
- Bank of Baroda
- Punjab National Bank (PNB)
- Muthoot Capital
Thankfully, highly sensitive documents such as Aadhaar, PAN, and other KYC details were not part of the breach.
The Risk
Although identity documents weren’t leaked, the exposed banking and contact details still present a serious risk. Cybercriminals can use this information for:
- Phishing attacks – convincing users to share further sensitive details.
- Fraudulent transactions – targeting customers with fake loan or EMI messages.
- Social engineering scams – exploiting the mix of financial and personal data.
For banks, NBFCs, and payment networks, the damage extends beyond immediate financial risks — trust and reputation are at stake.
How It Happened
The breach resulted from a misconfigured AWS bucket that was left unsecured and accessible to the public.
Even after UpGuard flagged the issue in late August 2025, fresh files kept appearing in the same storage location until the bucket was finally locked down in early September.
This delay highlights a common problem:
Weak monitoring and oversight of third-party integrations, which often create vulnerabilities in otherwise secure financial ecosystems.