Date: 2020-11-08

BENGALURU: Online grocery delivery Bigbasket is suspected to have suffered a massive data breach in which the details of over 2 crore users may have been leaked on the dark web, according to a US-based cybersecurity firm.

Atlanta-headquartered Cyble Inc. said in a blogpost on Saturday that during routine dark web monitoring, its research team found a database of Big Basket for sale for around $40,000 (about ₹30 lakh).

“The leak contains a database portion; with the table name ‘member_member’. The size of the SQL file is ~ 15 GB, containing close to 20 Million user data. More specifically, this includes full names, email IDs, password hashes (potentially hashed OTPs), pin, contact numbers (mobile + phone), full addresses, date of birth, location, and IP addresses of login among many others,” Cyble said in the blogpost.

The alleged breach occurred on 14 October and a fortnight later Cyble detected the irregularities, the blogpost said. It was validated and shared with the management of Bengaluru-headquartered Bigbasket on 1 November. Bigbasket has filed a case with the Cyber Crime Cell in Bengaluru.

Innovative Retail Concepts Private Limited-run bigbasket.com is one of India’s largest online food and grocery stores and is valued at around $2 billion. The company has been funded by Alibaba Group and Mirae Asset-Naver Asia Growth Fund, among others.

Bengaluru-based Bigbasket said it is evaluating the extent of the breach and authenticity of the claim with cybersecurity experts as well as finding ways to contain it.

“The privacy and confidentiality of our customers is our priority and we do not store any financial data including credit card numbers etc., and are confident that this financial data is secure. The only customer data that we maintain are email ids, phone numbers, order details, and addresses so these are the details that could potentially have been accessed,” BigBasket said in a statement.

The company added that it has a robust information security framework that employs best-in-class resources and technologies to manage its information. “We will continue to proactively engage with best-in-class information security experts to strengthen this further,” they added.

The online retailer has over 18,000 products and 1,000 brands in its catalogue and services customers in over 20 cities across the country including Delhi, Mumbai and Bengaluru.

The breach comes at a time when the Covid-19-induced lockdown has encouraged more people to shop online for essentials like groceries. But online activity has increased the threat of phishing and other scams even though there is no sharp spike in cyber crime activity, Bengaluru police said.

Earlier in June, delivery startup Dunzo experienced a data breach in which the personal details of over 300,000 accounts were leaked.

On 30 August, Cyble had alleged that e-commerce platform Paytm Mall suffered a massive data breach, where a cybercrime group under the alias ‘John Wick’ was able to get unrestricted access to the entire database of the company.

Thereafter, ‘John Wick’ hacked the Twitter account of Narendra Modi’s personal website, and through a tweet, clarified that it had not hacked ‘Paytm Mall’.

In response, Paytm Mall sent a legal notice to Cyble in the first week of September, asking the cyber-risk intelligence firm to immediately stop making any further false claims on the matter and to issue a public communication stating that the contents of its August 30 blog post are incorrect. In case of non-compliance, the e-commerce firm said that it will move to court and initiate civil and criminal proceedings against the cybersecurity company.

Bengaluru police said that there has been no sharp spike in cyber crimes despite increased activity online.

Jatinder Pal Singh, Director, Cloud and Product Security at Informatica, says that the “attack surface” is the number of possible ways an attacker can get into a network.

“In today’s Information security world, what’s more important is how soon entities like bb.com detect a compromise, respond to it and hence limit their exposure,” he adds.

