Massive Big Basket data breach; personal info of over 2 crore users up for sale on dark web
New Delhi | Jagran Business Desk: BigBasket, a leading online food and grocery store in India has reported a major data breach. According to reports, personal details of over two-crore BigBasket users have been listed for sale on the dark web, following which the Bengaluru-based firm filed a complaint with the Bengaluru Cyber Crime Cell.
"A few days ago, we learned about a potential data breach at BigBasket and are evaluating the extent of the breach and authenticity of the claim in consultation with cybersecurity experts and finding immediate ways to contain it. We have also lodged a complaint with the Cyber Crime Cell in Bengaluru and intend to pursue this vigorously to bring the culprits to book," BigBasket said in a statement.
The company has, however, claimed that financial data like credit card numbers of its users is secure.
"As confidentiality of customers is priority, we do not store their financial data, including credit card numbers and are confident that it (data) is secure," the e-tailer added.
The leak was reported by cyber intelligence firm Cyble, who said that it came across the breach during routine monitoring of the cyber-crime world. The data which was stolen includes, full names, email IDs, mobile numbers, data of birth, location among others.
"In the course of our routine Dark web monitoring, the Research team at Cyble found the database of Big Basket for sale in a cyber-crime market, being sold for over $40,000. The leak contains a database portion; with the table name ‘member_member’. The size of the SQL file is ~ 15 GB, containing close to 20 Million user data," Cyble said in a blog post.
"More specifically, this includes full names, email IDs, password hashes (potentially hashed OTPs), pin, contact numbers (mobile + phone), full addresses, date of birth, location, and IP addresses of login among many others," the cyber intelligence firm said.
Posted By: Shashikant Sharma