‘Big Basket’ Online Supermarket Breached and Data Leaked

  • Someone is selling the details of 20 million customers of the ‘Big Basket’ online supermarket.
  • The details include full names, email addresses, phone numbers, and delivery addresses.
  • The exposed individuals now run the risk of getting scammed, phished, or have their accounts stolen.

India’s largest online supermarket platform, ‘Big Basket,’ has suffered a data breach that appears to have occurred on October 14, 2020. The company hasn’t realized the security incident or chose to keep it a secret, hoping that nobody would notice, but the first samples of this data are already leaking on the dark web, so the event has now come to light.

Big Basket is a $2-billion giant, providing its online shopping services to people in Bangalore, Hyderabad, Mumbai, Pune, Chennai, Delhi, Noida, Mysore, Coimbatore, Vijayawada-Guntur, Kolkata, Ahmedabad-Gandhinagar, Lucknow-Kanpur, Gurgaon, Vadodara, Visakhapatnam, Surat, Nagpur, Patna, Indore, and Chandigarh Tricity city. Thus, almost the entire country of India is covered by Big Basket services.

Related: E-Commerce Firm ‘Lazada’ Breached by Hackers and User Data Accessed

Cyble’s researchers have located a newly posted data sale that involves a database belonging to Big Basket. The price that was set by the crooks is $40,000, and the size of the SQL file is about 15 GB. In there, one can find the details of roughly 20 million customers of the online supermarket, including the following:

  • Full names
  • Email addresses
  • Hashed passwords
  • Mobile phone numbers
  • Delivery addresses
  • Dates of birth
  • Location data
  • Login IP addresses
Source: Cyble

Fortunately, payment details haven’t been exposed, but it’s not that the rest of what was compromised is not that important. The above details open the way to scamming, spamming, phishing, credential stuffing, and even identity theft actors. Even though the passwords were hashed, customers of Big Basket should reset their password on any place they may be using it.

Especially during these rough times of the Coronavirus situation, people turned to remote shopping solutions like the one offered by Big Basket, trusting the platform with their personal details. Cyble has added the data of the pack on its breach monitoring and notification system, so you may use its “AmIBreached” tool to check if you’re included.

If you happen to receive any emails or SMS making weird claims and asking you to give away more information or money, delete them immediately and block the number. Next time you want to buy stuff online, prefer an anonymous email address and a fake name if that’s possible. Always share the least possible valid information you need to, and when incidents like this one happen, your troubles will be minimal.

Latest
How to Watch Shetland Season 7 Online From Anywhere
Shetland is back to answer all of the questions that left us hanging at the end of the last series, and you...
Real Madrid Vs Eintracht Frankfurt Live Stream: How to Watch UEFA Super Cup Final Online From Anywhere
The new soccer season is upon us, which means it is time for the UEFA Super Cup Final. Played between the previous...
How to Watch I Am Groot Online On Disney Plus
Marvel's I Am Groot is almost here, which means Marvel fans need to add one more show to their watchlist this summer. We...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari
[class^="wpforms-"]
[class^="wpforms-"]