BigBasket Is The Latest Victim Of CyberAttack In India: Fundraising Deals To Go Awry?

Must Read

Ambani To Lock Horns With Musk Over Future Transportation Tech!

RIL Chairman and Asia’s richest man Mukesh Ambani has decided to lock horns with SpaceX and Tesla founder Elon...

Google Will No Longer Track Users Across Multiple Sites: Pledges To Adopt Pro-Privacy Ad Buying Tools!

Google’s advertising business is all set to undergo some major privacy-pro changes. In what can only be called a...

Amazon Had No Evil Intent As Painted By Kishore Biyani, Documents Reveal!

The ongoing spat between Amazon and Future Retail seems to become ugly with each court hearing, and Amazon is...

It seems like BigBasket, the online grocery store, had to recently divert its attention from its financing-round woes to do damage control from a severe and colossal setback.

According to Cyble, which is a cyber intelligence firm, the e-grocer startup has been the latest victim of cyber attack in India wherein the data of 2 crore users have been uploaded on the dark web.

Cyble has informed that the leaked data is of sensitive nature and includes details such as email addresses, phone numbers, full names, location addresses, password hashes and more. This data is now available on a dark web portal for sale with a price tag of $40,000 or approximately Rs. 30 lakhs.

Advertisements

In a blog post disclosing about the BigBasket breach in details, the cyber intelligence group mentioned how during their routine dark-web monitoring checks, the research team discovered this newly uploaded database from the Indian e-grocer. They also mentioned that the size of the database is ~ 15 GB and happens to contain very specific information about the users. 

Cyble said that the SQL file, apart from the more critical details mentioned above, the database also has the date of birth of users, IP addresses from where they login and hashed OTPs.

BigBasket taking note of the same immediately proceeded to file a police complaint at the Bengaluru Cyber Cell and is currently busy trying to fix this unexpected breach. 

Also, even though Cyble has informed that several names and addresses of people from the breach have already been exposed on the dark web, the e-grocer claimed that their financial data is albeit safe.

BigBasket, like several other companies, allows the user to save their debit/credit card information for ease of future purchases. Thus, how likely this information is to remain safeguarded is a question that remains unanswered. 

Advertisements

It is however well known that a threat actor with the required expertise can definitely extract a user’s financial information with the magnitude and type of information that the breach was able to compromise.

BigBasket, in a statement about the data breach, commented that they learnt about the breach a few days ago. Since then, they have been actively evaluating the authenticity of the claim along with consulting cybersecurity experts on fixing the damage.

The Bengaluru-based e-grocer also said that they don’t maintain any other data except email IDs, phone numbers, order details, and addresses thus only these could have potentially been accessed.

BigBasket Data Breach: Fundraising Deals To Go Awry?

Now, as because this breach was a display of the BigBasket glaring security loopholes, it could do a lot of damage to its fundraising aspirations besides the damage that it has already done to its users.

To combat the quickly expanding Reliance e-grocery venture JioMart, BigBasket has long been in talks with several investors for raising $350-400 million. They also knocked on the doors of Tata Group, who was last reported to be willing to buy a 50% stake in BigBasket for close to $1 billion. 

However, now, after this breach, it could very well be expected that many investors, including the big fish Tata Group, might just choose to back out from the ongoing discussions. Therefore, it makes sense for BigBasket to hit pause on all their other activities and first put out the ongoing fire. 

All in all, what will be the state of their fundraising aspirations post this massive data breach is anybody’s guess right now. We will keep you updated on all future developments. Until then, stay tuned.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Do You Know How to Recognize Phishing, Quickly?

Phishing is one of the most common cybersecurity threats today. Cybercriminals use emails or text messages to send links...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This