Zerodha hack and security incidents
No documented major hack of Zerodha resulting in client funds or securities loss has been publicly reported. Zerodha has had operational incidents (outages, login issues, slowdowns) on heavy-volume days, and individual client accounts have been compromised via phishing of personal credentials, but the broker’s core systems have not been publicly known to be breached.
This article gives an accurate picture of the security and incident history.
What “hack” typically means in retail discussion
When retail clients ask about Zerodha being “hacked”, they usually mean one of:
- Their personal Kite account was accessed by an unauthorised party (often phishing-driven).
- A platform-wide outage disrupted their trading.
- A general concern about the broker’s safety.
The first is an individual-account incident; the second is operational; the third is the broader Is Zerodha safe question.
Documented operational incidents
Login slowdowns / outages
Zerodha has had occasional login slowdowns and platform outages, typically on:
- High-volatility days (budget day, election results, large geopolitical events).
- Heavy IPO listing days (high subscriber and listing-day volumes).
- System maintenance windows (planned).
- DDoS attempts (intermittent; mitigated by infrastructure layers).
In each case, Zerodha typically restored service within minutes to a few hours and posted explanations on the Z-Connect blog or Twitter.
Margin call confusion
On heavy-volatility days, margin call notifications and auto-square-off can produce client confusion. This is an operational outcome, not a breach.
Settlement-related issues
Rare back-office failures have produced delayed settlements. SEBI requires brokers to resolve these per the standard framework.
Phishing and individual-account compromise
Many individual clients have lost access to their accounts via phishing:
Common patterns
| Attack vector | What happens |
|---|---|
| Phishing email pretending to be Zerodha | User clicks link, enters credentials on a fake site |
| SMS phishing | “Your account is suspended; click to verify” |
| Phone call posing as Zerodha support | Caller extracts TOTP / OTP |
| Telegram / WhatsApp impersonation | “Customer support” gathering credentials |
In each case, the breach is at the user, not at Zerodha.
Protection
- Never enter Kite credentials on any non-zerodha.com domain.
- Never share TOTP, OTP, or T-PIN with anyone.
- Don’t trust unsolicited calls about your account.
- Use the Kite app or kite.zerodha.com directly, not via links in emails or SMS.
Has the core system been hacked
To public knowledge:
- No documented major breach of Zerodha’s core systems.
- No publicly reported funds or securities loss at the broker level.
- No SEBI enforcement action against Zerodha for security failures.
Zerodha complies with SEBI’s cyber security framework for stock brokers, which mandates:
- Regular security audits.
- Multi-factor authentication.
- Segregated client funds.
- Disaster recovery plans.
Audit reports are confidential; SEBI inspects but doesn’t publish.
Operational SLA
Zerodha doesn’t publish a formal uptime SLA, but observed operational reliability:
- Trading session uptime: Typically high (above 99%); some heavy-volume day issues.
- Login system: Generally reliable; outages are usually short.
- Order placement: Reliable when login is available.
- Console reporting: Reliable; occasional refresh issues.
For a broker handling ~30%+ of NSE retail flow, the operational record is strong but not perfect.
What you should do
Protective measures
- Enable TOTP (mandatory; already done).
- Use a unique password for Kite.
- Lock your device physically.
- Don’t share OTP / TOTP / T-PIN.
- Verify communications via the official support portal.
- Monitor account regularly.
Reactive measures
If you suspect your account is compromised:
- Change Kite password immediately.
- Disable / regenerate TOTP (via Kite settings).
- Contact Zerodha Support via Console > Support.
- Submit a SCORES complaint if Zerodha doesn’t resolve.
- File a police FIR if material loss has occurred.
- Regenerate CDSL T-PIN if compromised.
SEBI complaint pathway
For security-related complaints:
- First: Zerodha Support (Console).
- If unresolved: SCORES portal at scores.gov.in .
- If serious: SEBI direct enforcement.
The SCORES portal is the regulator-mandated channel for grievances.
See also
- Is Zerodha safe
- Is Zerodha listed on stock exchange
- Zerodha IPO when
- Zerodha insurance investor protection fund
- Investor Protection Fund (IPF) explained
- Zerodha customer care number
- Zerodha office address Bangalore
- Zerodha eDIS T-PIN OTP
- How to recover a forgotten CDSL T-PIN on Zerodha
- Validity of CDSL TPIN
- How to look up your Zerodha client ID
- Direct payout to demat SEBI rule
- CDSL block mechanism for pay-in
- SEBI broker risk disclosure norms
- Finfluencer SEBI ban impact on Zerodha referrals
- SEBI RA vs IA distinction
- Zerodha 12-character user ID format
- Zerodha referral program (discontinued)
- Zerodha Universe (ecosystem map)
- Margin pledge (Zerodha)
- SCORES (SEBI grievance portal)
- SEBI
- CDSL
- Zerodha
- Zerodha Console
- Kite (Zerodha)
- Discount broker (India)
External references
References
- SEBI, Cyber security framework for stock brokers, sebi.gov.in.
- Zerodha, Operational incident communications, zerodha.com/z-connect.
- SEBI, Investor protection and grievance redressal, sebi.gov.in.