A steep 90-100 per cent rise has been witnessed in Account Take Over (ATO) posts in India this year, pointing to serious data security breaches and online financial fraud. Most of the crimes target accounts on major brands in EdTech, OTT platforms, e-commerce and e-retail applications, for which many users share common or long-term passwords.

ATO refers to online identity theft in which a cybercriminal accesses a victim's bank, e-commerce or OTT account and siphons off funds or steals credit or debit information or loyalty points, sometimes to commit another cybercrime.


According to a study by Kochi-based Technisanct Technologies Private Limited, which assessed 12,000 OTT, 7,500 e-retail and e-commerce and 4,500 EdTech accounts over a period of five months from January to May, what makes the situation favourable for ATO is that many Indian users are still using passwords that they used in 2014 for a brand which had a data breach at that time.

The study also found that there has been huge demand for OTT usernames and passwords since the lockdown, and that many credentials belonging to Indian brands are regularly put up for sale on Telegram and similar data-sharing platforms on the dark web.

“Using the same password for the ease of use and many digital business companies not imposing two-factor authentication and not prompting to regularly change their login passwords, fearing that it could create a dent in consumer experience, actually exposes them to threat of ATO, credential stuffing and credential cracking,” says Nandakishore Harikumar, Founder & CEO, Technisanct Technologies.

Varied hacking methods

Credential stuffing is an automated web injection attack in which hackers use credential information sourced from data breaches to gain access to the victim’s other accounts. Credential cracking is another term for a brute force attack, in which hackers use dictionary lists or common usernames and passwords to guess their way into an account.
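The two patterns defined above look different in login logs, which is what a defender can key on. The following is an added example, not part of the study or the original article: it separates stuffing-like sources (a few attempts each across many accounts) from cracking-like sources (many guesses at one account) and lists accounts to reset. The event format, thresholds, function names and sample data are all assumptions made for illustration.

```python
from collections import defaultdict

# Thresholds are illustrative assumptions; tune them against real traffic.
MIN_ACCOUNTS = 5   # distinct usernames failed from one source => stuffing-like
MIN_GUESSES = 5    # failed guesses at a single username => cracking-like

def classify_sources(events):
    """events: iterable of (source_ip, username, succeeded) login attempts.

    Returns {source_ip: {"labels": [...], "accounts_to_reset": [...]}}
    for sources whose failure pattern looks abusive.
    """
    failures = defaultdict(lambda: defaultdict(int))  # ip -> username -> failures
    successes = defaultdict(set)                      # ip -> usernames logged in
    for ip, user, ok in events:
        if ok:
            successes[ip].add(user)
        else:
            failures[ip][user] += 1

    findings = {}
    for ip, per_user in failures.items():
        labels = set()
        # Stuffing: breached pairs are tried once or twice across many accounts.
        if sum(1 for n in per_user.values() if n <= 2) >= MIN_ACCOUNTS:
            labels.add("credential_stuffing")
        # Cracking: many guesses hammer the same account.
        if any(n >= MIN_GUESSES for n in per_user.values()):
            labels.add("credential_cracking")
        if labels:
            # A successful login from a flagged source is a likely takeover.
            findings[ip] = {"labels": sorted(labels),
                            "accounts_to_reset": sorted(successes[ip])}
    return findings

def build_sample_events():
    """Constructed sample log (documentation-range IPs, made-up usernames)."""
    events = []
    # 203.0.113.10: one attempt against each of eight accounts; one succeeds.
    for i in range(8):
        events.append(("203.0.113.10", f"user{i}@example.com", i == 6))
    # 198.51.100.7: twelve failed guesses at a single account.
    events += [("198.51.100.7", "student42@example.com", False)] * 12
    # 192.0.2.55: a real user mistyping twice, then logging in.
    events += [("192.0.2.55", "viewer@example.com", False)] * 2
    events.append(("192.0.2.55", "viewer@example.com", True))
    return events

if __name__ == "__main__":
    for ip, result in sorted(classify_sources(build_sample_events()).items()):
        print(ip, result)
```

Per-source counting alone misses attempts spread over many IP addresses, so in practice the same counts would also be kept per username and per time window.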

The other findings made by Technisanct are that OTT platforms, mostly premium accounts, took a major hit; the EdTech industry’s credentials are popular on Telegram platforms; screenshots of premium account dashboards are sold widely; multiple sign-ins with the same password are under threat; many users do not change their passwords often; and some passwords are the same as at first signup. It also calls for cultivating the habit of using strong password protection methods, especially among the young consumers of EdTech brands.