BigBasket data breach: Details of 2 crore users leaked, company files complaint in Bengaluru

By  Gitanjali Mangal November 9th 2020 01:27 PM -- Updated: November 9th 2020 01:28 PM

Online grocery delivery platform BigBasket has filed a police complaint in Bengaluru after facing a potential data breach, with details of around 2 crore users leaked. Also Read | Total ban on firecrackers in Delhi-NCR from Nov 9 midnight to Nov 30 According to the United States-based cybersecurity intelligence firm Cyble, a hacker has allegedly put the data on sale for around $40,000 which is Rs 30 lakh. “In the course of our routine dark web monitoring, the research team at Cyble found the database of BigBasket for sale in a cyber crime market, being sold for over $40,000,” the firm said. “The leak contains a database portion; with the table name ‘member_member’. The size of the SQL file is about 15 GB, containing close to 20 million user data.” it added. Bigbasket pushes for sustainable practices The leaked data includes full names, password hashes (potentially hashed OTPs), pin, contact numbers (mobile and phone), full addresses, date of birth, location, and IP addresses of login, among other details, Cyble said. The data breach reportedly occurred on October 30 and the company was informed about the incident on November 1. Issuing the statement, Bengaluru-based BigBasket said it is confident that financial data of its users is secure. Also Read | UK to honour 21 heroes of Saragarhi who killed 200 with 9-ft bronze statue “A few days ago, we learnt about a potential data breach at BigBasket and are evaluating the extent of the breach and authenticity of the claim in consultation with cybersecurity experts and finding immediate ways to contain it,” it said. “We have also lodged a complaint with the Cyber Crime Cell in Bengaluru and intend to pursue this vigorously to bring the culprits to book.” it added. educare The company also said that the privacy and confidentiality of customers was its priority. “The only customer data that we maintain are email IDs, phone numbers, order details, and addresses so these are the details that could potentially have been accessed,” the statement stated. Adding, “We have a robust information security framework that employs best-in-class resources and technologies to manage our information. We will continue to proactively engage with best-in-class information security experts to strengthen this further.” BigBasket is funded by Alibaba Group, Mirae Asset-Naver Asia Growth Fund and the UK government-owned CDC group. -PTC News

Related Post