Bigbasket faces potential data breach; details of 20 mn users put on sale


Online grocery platform BigBasket has turn into the newest target of a cyberattack in India. The company has faced a potential data breach with data of over 20 million customers to be had on the dark web for sale, according to US-based cybersecurity intelligence firm Cyble.

The data being sold for $40,000 includes full names, email IDs, password hashes (potentially hashed OTPs), pins, contact numbers, addresses, dates of birth, locations, and IP addresses of login among other information, says a Cyble blogpost.

The Bengaluru-based startup has lodged a complaint with the city’s Cyber Crime Cell and is currently evaluating the extent of the breach and authenticity of the claim in consultation with cybersecurity experts.

“The privacy and confidentiality of our customers is our precedence and we don’t store any financial data including credit card numbers, and are self-assured that this financial data is protected,” said the Alibaba-backed company in a commentary. “ The only customer data that we take care of are email ids, phone numbers, order details, and addresses so these are the main points that could potentially have been accessed.

We have a robust information security framework that employs best-in-class resources and technologies to administer our information,” it added.

According to the Cyble blogpost, the alleged breach occurred on October 14 and the BigBasket management used to be informed approximately it on November 1.

While online trade has made lives easier all over the class lesson of Covid-19, making shopping from home convenient, this convenience could come at a cost, say experts.

Final month, Hyderabad-based pharmaceutical company Dr Reddy’s had to close its plants across the globe after a cyberattack on its servers. In May this year, Facebook-backed edtech start-up Unacademy became the target of a cyberattack with data of over 20 million of the platform’s users leaked and put on sale on the dark web.

According to an IBM survey, the average complete cost of a data breach in India touched Rs 14 crore in 2020, an increase of 9.4 per cent from final year, as the average time to contain a data breach increased from 77 to 83 days all over the year. The top three root causes of data breach are malicious attack, system glitch and human error in the country, added the outline.

While everyone realises data is a critical asset that can help sharpen trade outreach and also increase backside line profits, it must be treated as a tradeable asset, say experts.

“Instead of treating it as a commodity that must be hidden in the back of large security measures, the industry and regulatory bodies wish to move towards treating data as a tradeable asset and data economy infrastructure wherein consumers will be more comfortable, rather richer and data pirates have less incentive to breach and sell it,” said Ankit Chaudhari, CEO & Founder, Aiisma, a data marketplace. “Differently security will retain getting expensive and hackers sophisticated, in which scenario neither the consumer nor corporates win,” Chaudhari added.


BigBasket lodges complaint with Bengaluru’s Cyber Crime Cell

Evaluating extent of breach and authenticity of claim

Company claims financial data of users protected

Alleged breach occurred on October 14

Data leak in India

Rs 14 crore: Average cost to contain breach

83 days: Average time to contain breach

Causes of breach

53%: malicious attacks

26%: system glitch

21%: human error

Source: IBM outline

Dear Reader,

Commerce Standard has at all times strived tough to supply up-to-date information and remark on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and fixed feedback on how to give a boost to our offering have only made our get to the bottom of and commitment to these ideals stronger. Even all over these difficult times arising out of Covid-19, we continue to remain dedicated to keeping you informed and up to date with credible news, authoritative views and incisive remark on topical issues of relevance.

We, alternatively, have a request.

As we battle the economic have an effect on of the pandemic, we need your give a boost to even more, in order that we will be able to continue to provide you with more quality satisfied. Our subscription mannequin has seen an encouraging response from many of you, who have subscribed to our online satisfied. More subscription to our online satisfied can only help us achieve the goals of offering you even better and more applicable satisfied. We consider in free, reasonable and credible journalism. Your give a boost to through more subscriptions can help us practise the journalism to which we are dedicated.

Make stronger quality journalism and subscribe to Commerce Standard.

Digital Editor

Top stories / News / Commerce


Please enter your comment!
Please enter your name here