Indian stock brokerage firm Angel One disclosed a data breach on Friday, revealing that client information stored in its Amazon Web Services (AWS) account had been compromised. The breach was discovered after the company received an alert from a dark web monitoring partner on February 27, which indicated a “data leakage post.” Upon investigation, it was confirmed that some of the company’s AWS resources had been compromised. Angel One quickly acted by changing the passwords for its AWS cloud and related applications and hired external experts to assess the scope and root cause of the breach.
Despite the breach, Angel One assured its clients that there was no impact on their securities, funds, or credentials. All client accounts were verified to remain secure. The company did not disclose specifics on how the breach occurred, but it seems that the issue was related to cybersecurity failures on Angel One’s part rather than any hack of AWS systems.
This has raised concerns about the effectiveness of Angel One’s internal security protocols.
Following the breach announcement, Angel One experienced a significant drop in its stock value, with shares falling over 11% within two days. This resulted in the company hitting a 52-week low on March 3, 2025. Despite the setback, the company has committed to addressing the issue and strengthening its cybersecurity measures going forward.
Angel One, founded in 1996, is one of India’s largest stock brokers, serving over 30 million clients as of January 2025.
The breach is particularly concerning given the company’s growing client base and the sensitive nature of the information potentially exposed. As the investigation continues, the company is focused on resolving any vulnerabilities and preventing future incidents.
Reference:
