Data Of Two Crore Big Basket Users Up For Sale On Dark Net
A sample of the leaked data. Picture Courtesy: Cyble
Indian food and grocery chain Big Basket was reported to have fallen prey to a data breach, with details of two crore of its customers reportedly being put up for sale on the dark web.
The retail giant known for online sale and delivery of groceries was founded in 2011 and offers its services across the country. Online grocery shopping became all the more popular in India ever since the country was placed under lockdown in light of the COVID 19 pandemic.
According to researchers at Cyble, the data breach was discovered during a routine sweep of the dark web on Friday. Cyble, in an official update on their website, stated that the data was being offered for sale for USD 40,000. Based on the data examined so far, Cyble believes that it was hacked from Big Basket servers in mid-October this year.
“The leak contains a database portion, with the table name ‘member_member’. The size of the SQL file is 15 GB, containing close to 20 Million user data. More specifically, this includes names, email IDs, password hashes, contact numbers (mobile + phone), addresses, date of birth, location, and IP addresses of login, among many others,” Cyble update said.
Cyble founder Beenu Arora told CySpy India that inquiries were still underway regarding the threat actor who was offering the data for sale, and that all the details regarding the incident had been shared with Big Basket.
CySpy India has reached out to Big Basket for comment and their response will be added to this article as soon as it is received.
Cyble has acquired the data and published it on its indexing website - AmiBreached - where users who suspect that their details might be part of the leaked data can check for the same.