Quick Look:

• Bigbasket becomes the newest victim to data breaching
• Database of 20 million users sold for around 30 Lakhs.
• Sensitive information on sale- Cyber Security company detects issues.

The appending COVID-19 situation has forced almost all of us to switch to convenient shopping facilities. This is where e-commerce sites come into play. They are safe, user-friendly, quickly accessible, and allows shopping from the comfort of our homes at any time of the day.

Online stores have also been offering attractive deals and have been increasing their sales at this point. Growing awareness of online shopping and its advantages have brought people to a chop and change mindset.

These e-commerce sites request access to your details like full name, address, phone number, credit, and debit card details, password hashes, PINs, date of birth, location, and IP addresses of users accounts. Most sites and apps even store your card details for easy access while you go back again to shop with them.

It is always at our own risk that we are choosing to give access to our details to these sites knowing that there are multiple chances for the occurrence of a data breach. Data stolen from these sites are often used by hackers to blackmail the concerned person or company or even sell it on the dark web to see some hefty cash.

Adding to the list of companies that have suffered from a data breach in the past comes India’s most popular online grocery shopping store “Bigbasket” having a user base of more than 20 million.

The e-commerce company also recorded a sales peak of 2000 crores in 2016-2017 and has been handling 0ver 35,000 orders every day from its 18,000 sq.ft warehouse in Bengaluru while even some e-commerce giants like Amazon fumbles at the thought.

Today the Bengaluru-based company that was started in 2011 offers its services in more than 20 cities all over India.

Cyber-security information company Cyble Inc recently detected a data breach issue of the company’s information having occurred on the 14^th of October while the company came across this during a routine dark-web monitoring session on the 30^th of October. 

On November 1, the company revealed the details and the information regarding the breach to the company and was publicly notified on November 7^th (timeline of events as provided by Cyble in its blog).

The Research team at Cyble Inc found that the database of size 15GB containing the information of approximately 20 million users has been put up on the Dark web for sale at around 30 Lakh INR ($40,000).

The cyber-security company suggests careful use of the internet and frequent changing of passwords to escape data-breach and possible hacking of devices.