New Delhi: Researchers at New Delhi-based nonprofit organisation CyberPeace on Saturday claimed they have discovered an alleged huge data breach at LenDenClub, a peer-to-peer (P2P) lending platform, that may have affected 22 million users.
CyberPeace said in a statement that LenDenClub allegedly experienced a “substantial data breach”.
“Allegedly, data from LenDenClub, a P2P lending platform in India, has been compromised. Threat actors claim 84 GB of data, involving over 22000000 IDs and loan statements,” CyberPeace Research also posted on X.
The data breach allegedly involved sensitive financial information and personal details of the users.
The researchers said that the identity of the threat actors responsible for this breach is currently unknown.
“Investigations are underway to determine whether this is the work of a sophisticated cybercriminal group, hacktivists or other malicious entities,” they said.
According to the researchers, users’ sensitive financial information may be exploited for identity theft and financial fraud.
“Personal details exposed in the breach could be used for phishing attacks and other malicious activities,” they warned.
The LenDenClub data breach highlights the persistent challenges posed by cyber threats in the financial sector, according to Cyberpeace.
“This incident underscores the critical need for organisations to continually enhance and fortify their cybersecurity measures to protect user data and maintain public trust,” the team noted.