Financial services firm WeRize becomes the victim of a data breach

Illustration: Ajay Mohanty


WeRize (Wortgage Technologies), a financial services platform focused on small-town India, announced that it has become the victim of a data breach. The Bengaluru-based firm has informed India’s Computer Emergency Response Team (CERT-In), relevant authorities, and stakeholders as per protocol.


External forensic teams are investigating the issue. Preliminary investigations suggest potential collusion by certain ‘company personnel’ who might have shared data in gross violation of policies, training, and practices.


“The company has a zero-tolerance policy on such matters and shall take stringent action against the perpetrators, including all remedies available under law,” the firm stated.


The company emphasised that it takes such incidents with the utmost seriousness and has always maintained security measures and best practices commensurate with its operations. It has undertaken multiple certifications and audits by relevant third parties and certification agencies and has gone through extensive penetration testing exercises.


The company has stated it will now further augment these systems. It plans to implement additional measures to ensure such a situation does not recur.


“This has not affected operations or business continuity. The company’s systems are fully functional with the additional precautions and protections put in place,” the firm assured.


Founded in 2019 by former Lendingkart executives Vishal Chopra and Himanshu Gupta, WeRize is building India’s first socially distributed full-stack fintech platform for emerging middle-class families. The financial needs of small-city India have been largely underserved, as traditional players and fintechs struggle to properly serve this segment. The firm aims to address this gap.


WeRize is a full-stack provider, manufacturing and distributing a wide portfolio of customised mortgages, unsecured credit, insurance, and savings products. It serves 300 million individuals spread across over 5000 small cities.


The firm has raised $25.75 million equity ($115.5 million valuation) from British International Investment (UK’s sovereign impact fund, formerly known as CDC), Sony Japan, 3one4 Capital, Picus, and others.


India ranked fifth in the list of most breached countries with 5.3 million leaked accounts in 2023, according to a report by private virtual network provider Surfshark. Globally, a total of 299.8 million accounts were breached. The U.S. ranked first, accounting for 32 per cent of all breaches from January through December. The report stated that Russia took second place, while France ranked third, followed by Spain and India.

First Published: Mar 15 2024 | 11:50 PM IST