More

    Juspay hires Verizon Business to conduct a forensic investigation of the data breach

    Payment processor Juspay hired Verizon Business to conduct an independent forensic investigation into the cyber attack the company faced in August last year. It also partnered with PricewaterhouseCoopers (PwC) to undertake a comprehensive audit of policies, protocols and technologies. Earlier this week, Juspay said he suffered a cyber attack on August 18 last year. It claimed that the breach was limited to an isolated system containing non-sensitive masked cards, used primarily for display purposes on the merchant’s user interface (UI) and cannot be used to complete a transaction. Juspay also pointed out that the data compromised during the breach did not contain any information about the transaction and that the customers’ card numbers and passwords remain safe. “Following several steps taken to further improve information and systems security at Juspay, we hired Verizon Business to conduct an independent PCI forensic investigation (PFI).” We also commissioned PricewaterhouseCoopers (PwC) to undertake a comprehensive audit of policies, protocols and technologies, “Juspay said in a blog post Thursday. This would help improve resilience and preparedness to mitigate threats from illegal cyber attacks, he added. “With the work undertaken by both Verizon and PwC, we want to combine their global expertise with our experience to ensure we are more cyber resilient and better prepared to face and defeat similar threats in the future,” said Juspay. When asked why the forensic investigation was delayed, a spokesperson for Juspay said: “Yes, we should have started the forensic investigation first. However, following the cyber attack, our priority was to ensure the security of cardholder data and API keys, as well as to strengthen our security response to better prepare against any future attempts on our servers and archives. ” “Immediately after the incident, we worked with our business partners and informed them of the intrusion. We released new API keys, although it was later verified that the API keys in use were also secure. Next, we conducted a thorough internal audit to improve our technology and security protocols, “the spokesperson said. The spokesperson added that the company has standardized “2-factor” authentication for all access routes to the infrastructure for all developers. Juspay had previously stated that he was in close contact with the relevant government authorities and the RBI regarding the cyber attack. He had explained that approximately 3.5 crore records with masked card data and card fingerprints (which are non-sensitive information) were hacked as part of the user metadata in his system which has email IDs and phone numbers not. anonymous and in plain text. The masked card data is used for display purposes on the merchant UI and cannot be used to complete a transaction, Juspay said.

    (This story has not been edited by Devdiscourse staff and is automatically generated from a syndicated feed.)

    News Highlights:

    • Payment processor Juspay hired Verizon Business to conduct an independent forensic investigation into the cyber attack the company faced in August last year. With the work undertaken by both Verizon and PwC, we want to combine their global expertise with our experience to ensure we are more cyber resilient and better prepared to face and defeat similar threats in the future, Juspay said.
    • Juspay hires Verizon Business to conduct a forensic investigation of the data breach
    - Advertisement -

    Latest Articles