No products in the cart.

E-commerce co data breached, ‘info of 2 crore users put up for sale’, Retail News, ET Retail

E-commerce co data breached, ‘info of 2 crore users put up for sale’NEW DELHI: E-commerce platform Bigbasket has faced a potential data breach which could have leaked details of around 2 crore users, according to cyber intelligence firm Cyble. The company on Sunday admitted to the potential breach and said it was assessing the extent.

“We have lodged a complaint with the Bengaluru Cyber Crime Cell and intend to pursue it to bring the culprits to book,” said the Bengaluru-based company. The Cyber Cell, however, did not confirm receiving the complaint.

Cyble said a hacker has put data allegedly belonging to Bigbasket on sale for around Rs 30 lakh. “The research team found the database of Big Basket for sale in a cyber crime market, being sold for over $40,000. The size of the SQL file is about 15 GB, containing close to 20 million user data,” Cyble said in a blog post. It added the data put on sale includes names, email IDs, password hashes, contact numbers (mobile and phone), addresses, date of birth, location, and IP addresses of login among many others.

While Cyble has mentioned “passwords”, the company uses a one-time password sent through SMS which keeps on changing every time a user logs in.

Meanwhile, the company said the privacy and confidentiality of customers is priority and it does not store any financial data including credit card numbers etc and is confident that this financial data is secure. The 9-year-old grocery e-commerce platform is funded by Chinese e-commerce giant Alibaba group, the Mirae Asset-Naver Asia Growth Fund, and the British government-owned CDC group.

Source link