Enhanced Security Measures on your Upstox account in the light of recent events

Dear Customer,

We have upgraded our security systems manifold recently, on the recommendations of a global cyber-security firm. We brought in the expertise of this globally renowned firm after we received emails claiming unauthorized access into our database. These claims suggested that some contact data and KYC details may have been compromised from third-party data-warehouse systems.

We would like to assure you that your funds and securities are protected and remain safe. Funds can only be moved to your linked bank accounts and your securities are held with the relevant depositories. As a matter of abundant caution, we have also initiated a secure password reset via OTP.

Through this time, we have also strongly fortified our systems to the highest standards:

- Immediately restricted access to the impacted database
- Added multiple security enhancements at all third party data-warehouses
- Setup real-time 24x7 monitoring
- Additionally ring-fenced the network

At Upstox, customer safety is paramount. Here’s a ready reckoner for your financial safety and security at all times:

- Always use unique strong passwords (multi-case, alphanumeric, no name fragments) and different from older versions
- Never share OTPs with anyone
- Watch out for OTPs you may not have requested and alert the service provider in such events
- Beware of online fraud and double-check the legitimacy of links and senders

As a cutting-edge technology platform, we are further amping up our industry-class bug bounty program to encourage ethical hackers to stress test our systems and protocols and help us identify any vulnerabilities from time to time.

We take your security and privacy very seriously. While we have already reported this incident to the relevant authorities, we deeply regret any inconvenience this may have caused you. Thank you for your continued trust and support.

Best,
Ravi Kumar
Co-founder & CEO