Bengaluru: Kamin Prajapathi (40), a senior accountant manager in a multinational software company was arrested by the police on Sunday for data theft.

The accused, a resident of Concorde Napa Valley and Kanakapura Road and Bihar stole the data of nearly 300 employees working in the same company, transferring their bank details, credit card details and bank account details to his personal mail.

Prajapathi started working in the company from August 2017 and quit his job in April 2019 though the police said that before resigning he transferred the stolen data to his personal mail with plans to hand the data to another company for a senior-level position. He told the company, he had surplus confidential data that they could use to their advantage and build their business.

KS Santosh, founder of a cybersecurity solutions firm 'Group Cyber ID', says these type of data theft are pretty common, “These frauds occur in startups, where former employees steal data from the startup and begin their own firm using the data. Many companies have filed data theft complaints against individuals,” (Sc Indiatimes.com)

Likewise, Prajapathi allegedly hacked into the website of the company where he worked and is suspected that he had been stealing data since 2017 and selling it to other companies. Aside from the bank details of employees and clients, he also collected pivotal data of the company's clients.

The managers from the private firm, where he previously worked lodged a complaint at the cyber-crime police station, and after a probe the police nabbed Prajapathi confiscating his laptop, CPU and mobile phone. The cyber-crime officials also found an account created by Prajapathi on a web-based email service as solid evidence against him.

There has been a significant rise in data theft cases in the last few years as reliance on digital platforms increase. In the city itself, there have been cases where the miscreants hacked into the system using simple hacking techniques, and thus it is crucial to install effective data security solutions to protect the privacy and curtail cybercrime.

A high school senior in Lexington, Massachusetts discovered two vulnerabilities in software programs employed by his school which could have potentially affected the student data of around 5 million students.

Billi Demikarpi is a teen hacker who developed a penchant for hacking when he was in the freshman year and subsequently uncovered serious security flaws in two education programs, Aspen and Blackboard.

Reportedly, the probable consequences of these vulnerabilities would have been more disastrous than those San Diego Unified School District faced after the massive data breach that put to risk the data of more than 500,000 students along with the staff of the school.

The information that could have been exposed via the Aspen vulnerability includes details of bus routes, birthplaces, special education status, number of reduced or free lunches and suspensions.

It could have been exploited by the hacker to gain access to the data on the website after entering his own script as the Aspen website lacked the filters which other websites usually contain in order to reject hacker requests.

According to the statements given by both the companies, no one has exploited the security flaws besides Billi, who only accessed the information about himself and of a friend's whom he took consent from before doing so.

While sharing  his experience, Demirkapi said, “These companies say they're secure, that they do audits, but don't take the necessary steps to protect themselves from threats.”

Around 10,000 customers of Aegon Life Insurance, a joint venture between the Netherlands-based Aegon and India's Times Group, fall prey to a data leak which was caused through website's support channels, which clients used to communicate with the insurer regarding their grievances.

Reportedly, the data compromised included all the details ranging from the very basic demographic ones like name, gender, age to more specific ones such as health policy problems and annual income. It occurred due to a security vulnerability in the company's website.

Renie Ravin, Indian web developer and co-founder of the independent blogging platform, 'IndiBlogger', discovered the vulnerability which led to the data leak and reported it to the company in July 2019.

However, there is no evidence of the exposed data being illegally accessed or misused.

Referencing from the statements given by the company, "Aegon Life Insurance, India announces that a vulnerability on their website exposed information of some Indian customers who had used web forms to get in touch with Aegon Life."

"Aegon Life immediately fixed the vulnerability and have since informed all customers of this exposure. Aegon Life estimates that up to 10,000 customers were possibly affected."

"We will initiate an outreach program in the coming days to offer guidance to affected customers and to let them know what information was exposed. At Aegon Life, data security and customer privacy are of utmost importance and we will continue to be transparent with customers as we investigate further," the company added.