What Happened
Angel One, a major Indian stock brokerage firm, disclosed a data breach in March 2025 involving unauthorized access to client information stored in its Amazon Web Services (AWS) account. The incident was discovered on February 27, 2025, after alerts from a dark-web monitoring partner about a potential data leak on hacker forums, prompting Angel One to immediately change all relevant AWS credentials and engage external forensic experts for a root cause analysis and scope assessment. While the exact types of compromised client data—likely including contact details and possibly financial information—were not fully detailed publicly, the company confirmed no impact on clients’ securities, funds, trading credentials, or account security, though the breach caused its shares to drop over 11% and raised concerns about cloud security in the financial sector. The precise number of affected records remains undisclosed, distinguishing this from prior incidents like the 2023 breach exposing 7.9-8 million users’ personal data.
