eSewa, is the first and the largest digital wallet which was given birth by F1Soft International in 2009, was recently alleged of a esewa data breach. A hacker who goes by the name of Aparichit took to twitter to leak the data of several eSewa users. The data contained emails, passwords and balance of about 21 customers. The hacker claims that this data leak was possible because esewa didn’t use OTP(one-time password) in web login.
The tweet also says that “it’s just a demo for your datas” which is a sign that the hacker may have access to more customer’s information. If this is true then none of our money is safe in eSewa.
However, eSewa has denied all these rumours and they also released a statement saying the hacker must have gained those information using a Phishing Scam. And it is for this reason why eSewa has requested its customers, those who use eSewa web instead of eSewa app, to change their passwords.
Furthermore, eSewa also adds that it is a ISO 27001:2013 certified company so it’s a safe, trustworthy and qualified company which can take care of your data properly.
We also think that the eSewa data breach allegation is just a hoax because a huge company like that of eSewa will never store their customer’s information in plain text. Hence, the datas are saved in encrypted format(which cannot be read).
So, we suggest you not to get worried, if you’re an eSewa user, because it’s not quite possible to penetrate eSewa’s server and collect it’s users information. But if you feel insecure, you can change the password anytime.