BigBasket Major Data Violation
BigBasket is an online grocery store. Apparently, BigBasket leaked the data of 2 crore Indian users. The data was leaked on the dark web. The personal data of the users included full names, email IDs, passwords hashes, contact numbers, addresses. Cyber intelligence firm-Cyble reported this data leak.
The company has also lodged a complaint with the Cyber Crime Cell in Bengaluru. The company is verifying the claims made by cyber experts.
In addition, the data has been put on sale for Rs. 30 lakh on the dark web by a hacker. Cyble mentioned in a blog that the research team found the data of BigBasket on sale in a cybercrime market. Further, the sale for the data was $40,000. Also, the leak contained a database portion, with the table name ‘member_member’. The size of the SQL file was about 15GB that contained up to 20 million user data.
This blog post revealed that the name and address of the people have been leaked. Fortunately, the company claims that the financial data of the users are safe and have not been leaked. This is because the company does not store any financial data of the users due to privacy and confidentiality. BigBasket said that the data accessed can only be the name, email IDs, order details, and addresses of the users. Moreover, BigBasket claimed to have robust information security frameworks that employ best-in-class resources and technologies to manage the users’data.
Alibaba Group, Mirae Asset-Naver Asia Growth Fund, and the UK government-owned CDC group funds this Bengaluru-based company.
When Did The Breach Occur?
Furthermore, the violation of data occurred on October 30, 2020, claimed by Cyble. Cyble has already informed the management of BigBasket.
Cyble first detected this breach on October 31. Finally, on November 1, Cyble disclosed to BigBasket about the violation of the data.
Read Also: Whatsapp Payments now available in India
