- Home
- News
- Articles+
- Aerospace
- Agriculture
- Alternate Dispute Resolution
- Banking and Finance
- Bankruptcy
- Book Review
- Bribery & Corruption
- Commercial Litigation
- Competition Law
- Conference Reports
- Consumer Products
- Contract
- Corporate Governance
- Corporate Law
- Covid-19
- Cryptocurrency
- Cybersecurity
- Data Protection
- Defence
- Digital Economy
- E-commerce
- Employment Law
- Energy and Natural Resources
- Entertainment and Sports Law
- Environmental Law
- FDI
- Food and Beverage
- Health Care
- IBC Diaries
- Insurance Law
- Intellectual Property
- International Law
- Know the Law
- Labour Laws
- Litigation
- Litigation Funding
- Manufacturing
- Mergers & Acquisitions
- NFTs
- Privacy
- Private Equity
- Project Finance
- Real Estate
- Risk and Compliance
- Technology Media and Telecom
- Tributes
- Zoom In
- Take On Board
- In Focus
- Law & Policy and Regulation
- IP & Tech Era
- Viewpoint
- Arbitration & Mediation
- Tax
- Student Corner
- AI
- ESG
- Gaming
- Inclusion & Diversity
- Law Firms
- In-House
- Rankings
- E-Magazine
- Legal Era TV
- Events
- News
- Articles
- Aerospace
- Agriculture
- Alternate Dispute Resolution
- Banking and Finance
- Bankruptcy
- Book Review
- Bribery & Corruption
- Commercial Litigation
- Competition Law
- Conference Reports
- Consumer Products
- Contract
- Corporate Governance
- Corporate Law
- Covid-19
- Cryptocurrency
- Cybersecurity
- Data Protection
- Defence
- Digital Economy
- E-commerce
- Employment Law
- Energy and Natural Resources
- Entertainment and Sports Law
- Environmental Law
- FDI
- Food and Beverage
- Health Care
- IBC Diaries
- Insurance Law
- Intellectual Property
- International Law
- Know the Law
- Labour Laws
- Litigation
- Litigation Funding
- Manufacturing
- Mergers & Acquisitions
- NFTs
- Privacy
- Private Equity
- Project Finance
- Real Estate
- Risk and Compliance
- Technology Media and Telecom
- Tributes
- Zoom In
- Take On Board
- In Focus
- Law & Policy and Regulation
- IP & Tech Era
- Viewpoint
- Arbitration & Mediation
- Tax
- Student Corner
- AI
- ESG
- Gaming
- Inclusion & Diversity
- Law Firms
- In-House
- Rankings
- E-Magazine
- Legal Era TV
- Events
Big Basket hit by data breach; credentials of 2 crore consumers put up for sale on Dark Web
BigBasket hit by data breach; credentials of 2 crore consumers put up for sale on Dark WebOnline grocery platform BigBasket has faced a potential data breach as the information of over 20 million customers had been put up for sale on the dark web, according to cyber security intelligence firm Cyble. According to Cyble blog post, the data has been put up for sale for Rs. 30 lakh, and...
ToRead the Full Story, Subscribe to
Access the exclusive LEGAL ERAStories,Editorial and Expert Opinion
BigBasket hit by data breach; credentials of 2 crore consumers put up for sale on Dark Web
Online grocery platform BigBasket has faced a potential data breach as the information of over 20 million customers had been put up for sale on the dark web, according to cyber security intelligence firm Cyble.
According to Cyble blog post, the data has been put up for sale for Rs. 30 lakh, and includes credentials such as full names, email IDs, password hashes (potentially hashed OTPs), PIN, contact numbers, addresses, dates of birth, location, and IP addresses of login, among other bits of information.
BigBasket has lodged a complaint with the Bengaluru's Cybercrime Cell and is evaluating the extent of the breach and authenticity of the claim in consultation with cyber security experts.
According to the company, customer privacy and confidentiality is a priority and it does not store any financial data, including credit card numbers. The company added that it is confident that customers' financial data is secure.
"The only customer data we maintain are email IDs, phone numbers, order details, and addresses so these are the details that could potentially have been accessed. We have a robust information security framework that employs best-in-class resources and technologies to manage our information," it added.
According to the Cyble blog post, the alleged breach occurred on October 14 and the BigBasket management was informed about it on November 1.