BigBasket data of over 20 million users reportedly leaked to the Dark Web

0
47

The BigBasket database of more than 20 million customers was reportedly leaked on the dark web, months after the online grocery delivery platform confirmed a data breach. The suspected database includes the email addresses, phone numbers and hashed passwords of the affected customers. The data would also include physical addresses and the date of birth of BigBasket users. Although the database available for free access on the Dark Web includes user passwords in an encrypted form, another hacker claimed to have cracked some of the leaked passwords.

The alleged BigBasket database has been put on the dark web by a group of hackers infamous as the ShinyHunters. It includes details like email addresses, names, date of birth, and phone numbers.

Cybersecurity researcher Rajshekhar Rajaharia told Gadgets 360 that the leaked database was associated with the flaw that BigBasket himself confirmed in November of last year.

READ  Cyberpunk 2077 gets a host of fixes and stability improvements with patch 1.21

“A few days ago we learned of the existence of a potential data breach at BigBasket and are assessing the extent of the breach and the authenticity of the claim in consultation with cybersecurity experts and find immediate ways to contain it, ”the company said, confirming the data. violation that was made public by cybersecurity intelligence firm Cyble.

ShinyHunters made the so-called BigBasket database available for download on the Dark Web over the weekend. It included the hashed passwords of the affected clients. However, some plain text passwords are now also listed on the Dark Web.

READ  Highlight the text of your videos in just a few steps

“Another hacker claims to have cracked millions of passwords associated with BigBasket,” Rajaharia said. “This could cause a serious problem for affected customers, as malicious actors would gain access to their personal web accounts using the cracked passwords and leaked email addresses.”

Gadgets 360 has reached out to BigBasket for comment on this. This report will be updated when we get back to you.

Meanwhile, the Have I Been Pwned? – which informs users if their data has been compromised by recent breaches – sent an email to notify some affected customers of the data breach.

READ  Toshiba CEO Nobuaki Kurumatani steps down as takeover offer stirs turmoil

Founded in 2011, BigBasket is backed by Chinese Alibaba and is one of the leading online grocery delivery platforms. The pandemic has helped the company grow its business and even attract the conglomerate Tata Group, which agreed in February to acquire a majority stake in the company.


Why did LG abandon its smartphone business? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 10:00 PM) we talk about the new co-op RPG shooter Outriders. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and anywhere you get your podcasts.

.

LEAVE A REPLY

Please enter your comment!
Please enter your name here