CYBER SECURITY ENTHUSIAST

BigBasket, a popular delivery service based in India that allows people to shop online for food and have it delivered to their homes, suffered a data breach and had over 20 million user records leaked.

Recently a well-known seller of data breaches, known on the dark web as ShinyHunters has shared a database for free on a hacker forum.

Bigbasket data leak

Source

Last year BigBasket confirmed to the news publication Bloomberg News the fact that they had suffered a data breach after the seller ShinyHunter had tried to sell the stolen data in a few private sales.

There’s been a data breach and we’ve filed a case with the cybercrime police.

The investigators have asked us not to reveal any details as it might hamper the probe.

Source

The threat actor has now released the whole database for free, which reportedly contains more than 20 million user records, including email addresses, SHA1 hashed passwords, addresses, phone numbers, and other assorted information.

The passwords are hashed using the SHA1 algorithm, with forum members claiming to have cracked 2 million from the listed passwords and another member saying that 700k of the customers used the password ‘password‘ for their accounts.

In the past, ShinyHunters has been responsible for or involved in other data breaches, including Tokopedia, TeeSpring, Minted, Chatbooks, Dave, Promo, Mathway, Wattpad, and many more.

At this time all the BigBasket users should immediately change their passwords on the platform and also on any other site where they might be using the same password.

It’s important to note that in this type of situation it’s also important to make sure that all the passwords we’re using are strong and private.

Heimdal Official Logo
Email communications are the first entry point into an organization’s systems.

Heimdal™ Email Fraud Prevention

Is the next-level mail protection system which secures all your incoming and outgoing comunications.
  • Deep content scanning for attachments and links;
  • Phishing, spear phishing and man-in-the-email attacks;
  • Advanced spam filters to protect against sophisticated attacks;
  • Fraud prevention system against Business Email Compromise;
Try it for FREE today Offer valid only for companies.

You can find out more about keeping your online accounts secure here.

Password Mistakes You and Your Employees Are (Probably) Making

Top 550+ Funny Passwords Ever Encountered

The Ultimate Password Security Guide for Unhackable Credentials [Updated]

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP