Big Basket data breach: email IDs, phone numbers, home addresses of two crore Indians allegedly leaked on the web
Databaseof around 20 million Big Basketusers is allegedly out on the internet.
- It is the same data that was reported to be breached in November 2020.
- You can check if your data has been compromised.
Another massive database has allegedly been leaked on a popular cybercrime forum. The database is said to be of 20 million Big Basket users, which was first confirmed by the Indian grocery delivery startup on November 7, 2020. The database includes email IDs, home addresses, phone numbers, password hashes (potentially hashed OTPs), IP addresses, date of birth and also the user-aggregator interactions done on the
View all Offers
View all Offers
- 63% OFF
Qube By Fort Collins Men's Jacket (1211 OL_Maroon_XXL)₹ 782₹ 1999Buy On
- 13% OFF
Rupa Thermocot Boys' Plain Cotton Thermal Set (AGNIKIDSRNFSTSOE_Blue_65)₹ 434₹ 434Buy On
- 61% OFF
Qube By Fort Collins Men's Jacket (1177Q_Olive_L)₹ 889₹ 2599Buy On
- 63% OFF
Qube By Fort Collins Men's Jacket (11115AZ_Navy_XL)₹ 867₹ 2299Buy On
- 79% OFF
Yash Gallery Women's Plus Size Rayon Geometric Print Embroidered Anarkali Kurta (Black)₹ 959₹ 4199Buy On
The hacker who is said to have published the alleged Big Basket database goes by the name ShinyHunters. The database was made available for anyone to download over the weekend on a well-known cybercrime forum. ShinyHunters is the same hacking group that has started to flood a dark web hacking marketplace with databases containing a combined total of 73.2 million user records over 11 different companies, according to threat intelligence SaaS provider Cyble. The group has been operating since 2015, some of their aliases are Shiny Hunters, #TheDarkOverlord, Gnostic Players.
Infamous threat actor "ShinyHunters" just leaked the database of "BigBasket, a famous Indian online grocery deli… https://t.co/nS3RNKU7Gm— Alon Gal (Under the Breach) (@UnderTheBreach) 1619350289000
Unfortunately, Big Basket was not the only Indian startup that reported data breaches or bugs in their security system, last year. WhiteHat Jr and Dunzo were also among the startups that saw their data getting compromised over the same period.
The news comes weeks after Tata Group shared its plan to acquire
When did the Big Basket breach happen?
According to Cyble, which was the first to make the details of the potential breach public, the first breach occurred on October 14 and it found out about it on October 30, later disclosing it to Big Basket on November 1. Cyble also claimed that the data was put up for sale on the dark web for $40,000.
There are some portals like ' have I been pwned' and ' am I breached', where you can check your data has been compromised in one of the breaches in the past. You simply need to go to these sites, enter your email used to register the account and hit enter. In the former’s case, you will be informed about the number of breaches. Scrolling down, you will be able to see the platforms that were hit by a breach, compromising your data. I checked mine, and unfortunately, my data has been compromised in 11 breaches (image above) including Big Basket, Zomato, Dunzo, Zoomcar and more.
Popular on BI
- Bajaj Finance, Tech Mahindra, Tata Power and other top stocks on January 18
- Shrinking car and two-wheeler sales is now hurting India’s biggest private bank
- The best pay masters in the gig economy aren’t good enough
- Amazon Great Republic Sale: Top deals on recliners, sofas and more home furnishing items
- Best fashion and beauty deals during Amazon sale