Big Basket data breach: email IDs, phone numbers, home addresses of two crore Indians allegedly leaked on the web
Databaseof around 20 million Big Basketusers is allegedly out on the internet.
- It is the same data that was reported to be breached in November 2020.
- You can check if your data has been compromised.
AdvertisementAnother massive database has allegedly been leaked on a popular cybercrime forum. The database is said to be of 20 million Big Basket users, which was first confirmed by the Indian grocery delivery startup on November 7, 2020. The database includes email IDs, home addresses, phone numbers, password hashes (potentially hashed OTPs), IP addresses, date of birth and also the user-aggregator interactions done on the
The hacker who is said to have published the alleged Big Basket database goes by the name ShinyHunters. The database was made available for anyone to download over the weekend on a well-known cybercrime forum. ShinyHunters is the same hacking group that has started to flood a dark web hacking marketplace with databases containing a combined total of 73.2 million user records over 11 different companies, according to threat intelligence SaaS provider Cyble. The group has been operating since 2015, some of their aliases are Shiny Hunters, #TheDarkOverlord, Gnostic Players.
Infamous threat actor "ShinyHunters" just leaked the database of "BigBasket, a famous Indian online grocery deli… https://t.co/nS3RNKU7Gm— Alon Gal (Under the Breach) (@UnderTheBreach) 1619350289000
Unfortunately, Big Basket was not the only Indian startup that reported data breaches or bugs in their security system, last year. WhiteHat Jr and Dunzo were also among the startups that saw their data getting compromised over the same period.
The news comes weeks after Tata Group shared its plan to acquire
When did the Big Basket breach happen?
According to Cyble, which was the first to make the details of the potential breach public, the first breach occurred on October 14 and it found out about it on October 30, later disclosing it to Big Basket on November 1. Cyble also claimed that the data was put up for sale on the dark web for $40,000.
There are some portals like 'have I been pwned' and 'am I breached', where you can check your data has been compromised in one of the breaches in the past. You simply need to go to these sites, enter your email used to register the account and hit enter. In the former’s case, you will be informed about the number of breaches. Scrolling down, you will be able to see the platforms that were hit by a breach, compromising your data. I checked mine, and unfortunately, my data has been compromised in 11 breaches (image above) including Big Basket, Zomato, Dunzo, Zoomcar and more.
- Bajaj Chetak Urbane electric scooter with 113 km range to hit the roads starting ₹1.15 lk
- Cyclone 'Michaung' alert in the Tirupati, Nellore, Prakasam, Bapatla, Krishna, West Godavari, Konaseema, and Kakinada of AP Districts
- Gold surges Rs 450 to hit record high of Rs 64,300 per 10 gm
- 7 best places to visit in Amritsar on your next trip
- Mizoram polls: ZPM dethrones MNF, bags 27 of 40 seats