wordpress blog stats
Connect with us

Hi, what are you looking for?

Data of 2 crore BigBasket users leaked, being sold on dark web: Reports

In a massive data breach, data of over 2 crore BigBasket users, including their names, email IDs, password hashes, pin, and contact numbers, among others, was leaked and is being sold on the dark web, reported cybersecurity firm Cyble. The database was reportedly being sold for around ₹29.5 lakh ($40,000).

BigBasket has meanwhile, according to several news reports including by Entrackr and IndiaToday, acknowledged the breach. The e-commerce website claimed that it does not store financial data of customers, and is confident that this data is secure. It claimed to have lodged a complaint with the Cyber Crime Cell in Bengaluru.

According to Cyble’s report, the size of the leaked database file was over around 15 GB, containing data of nearly 2 crore users. “More specifically, this includes full names, email IDs, password hashes (potentially hashed OTPs), pin, contact numbers (mobile + phone), full addresses, date of birth, location, and IP addresses of login among many others,” the blog post read (emphasis theirs).

The breach potentially went unnoticed for over two weeks; it reportedly happened on October 14, but was detected by Cyble only on October 30. The company then disclosed the breach to BigBasket on November 1.

BigBasket told media outlets that it will pursue the matter “vigorously to bring the culprits to book”. It told Entrackr in an emailed statement that it does not store financial data. However, it admitted that its other customer datat — email ids, phone numbers, order details, addresses and so on — could potentially have been accessed.

Advertisement. Scroll to continue reading.

Latest in series of high-profile breaches

In the past few months, several Indian companies have suffered data breaches. In August, a breach at ticketing and travel website RailYatri exposed details of over 700,000 users. The leaked details included sensitive details such as travel itineraries, and financial data such as credit and debit card information and UPI Ids. Last month, PTI was hit with a ransomware attack that forced the news agency to suspend its publishing services for several hours.

Paytm Mall, another major Indian startup, has also been accused of security lapses. Cyble had claimed that a cybercrime group had gained access to Paytm Mall’s website through a backdoor for unrestricted access to the company’s databases. Paytm Mall has, however, consistently refuted these claims. Last month, it sent a legal notice to Cyble for spreading “disinformation”.

Also read:

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.


The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...


By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...

You May Also Like


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ