A massive data breach on BigBasket has affected 20 million users. Not long ago, major tech companies including Facebook, LinkedIn, Clubhouse suffered a massive data breach.
Over 20 million BigBasket user records containing personal information and hashed passwords were leaked on a hacking forum.
BigBasket is a well-known Indian online grocery delivery service that allows customers to shop for groceries online and get it delivered to their homes.
ShinyHunters, a popular seller of data breaches, gave away a database that he said he stole from BigBasket on a hacker forum.
BigBasket announced a data breach in November 2020, after ShinyHunter had previously attempted to sell the breached data in private sales.
Also read: A massive Data Leak exposes over 3.2 billion passwords including 1.5 million Government Emails
Similar news: Domino’s data breach: Hacker selling data for 10 Bitcoins
The BigBasket data breach was discovered by security researcher Alon Gal and verified by the company in November of last year.
The data obtained in the hack has now been made available on the dark web. It is open to the public and is free to use.
Gal announced the news in a recent tweet. According to the researcher, the leaked BigBasket data includes 20 million users’ names, email addresses, hashed passwords, phone numbers, and birthdates.
The passwords are hashed using the SHA1 algorithm, and cybercriminals claim to have cracked 2 million of them so far. According to another participant, 700,000 customers used the password “password” for their accounts.
All BigBasket users are strongly advised to change their passwords on BigBasket and any other platforms that use the same password immediately. Additionally, you can check on Have I Been Pwned? to see if your email or phone number was included in the data leak.
“This could lead to a serious problem for the affected customers as bad actors would gain access to their personal web accounts using the decrypted passwords and leaked email addresses”, Cyber-security researcher Rajshekhar Rajaharia told Gadgets 360