24 July 2019
Pune, 3rd October:
On 2 October 2018, EarlySalary identified a security breach on its website. Names and mobile phone numbers, provided by potential customers to the EarlySalary website, was compromised.
EarlySalary takes this breach very seriously. The vulnerability has been fixed and law enforcement has been informed. We would like to reassure all potential and existing customers that all corrective measures have now been taken to protect customer security.
The core customer database, including all existing EarlySalary customer information including sensitive personal details and transactions has remained completely secure and was not impacted.
In response to the breach, additional security has been added in apache to block threats. The database credentials have been changed, and additional security blocks have been placed on the EarlySalary website. We are working with law enforcement to identify the IP source for this incident. We will further enhance security measures within our database and are working towards implementing PCIDSS certification to make the platform more secure. We will inform Pune Cyber Security Cell about this incident.
We are deeply sorry to anyone who may have been affected. People’s privacy and security is of utmost importance to EarlySalary. We understand the trust customers place in us and we take this breach extremely seriously.
If you think you may have been impacted by this breach please remain vigilant to any suspicious calls or behaviour. If you need more information, please contact firstname.lastname@example.org and we’ll respond right away.