Last week, pizza chain Domino’s was breached by notorious hackers who exposed the data of more than a million Indians on the dark web. In recent days, several apps and businesses such as Facebook, LinkedIn and Indian stock-broking brand Upstox, have been hacked by unethical IT staff to obtain user data which can be sold on the internet.
Indian groceries app, BigBasket, has become the latest popular mobile app to have been breached by ShinyHunters hacker group, Indian tech website Gadgets360 reported on Monday.
The personal data of more than 20 million Indian users has been uploaded on the dark web for sale including email addresses, phone numbers, app passwords of the customers along with their address and date of birth.
The breach was first noticed by Alon Gal, the founder of cybercrime intelligence firm Hudson Rock, who alerted the public to the fact that BigBasket had been hacked on Twitter.
BigBasket has yet to release an official statement on the breach.
Backed by Chinese e-commerce giant AliBaba, BigBasket was founded back in 2011. The app witnessed a sharp rise of more than 84 percent in its userbase after India went into a COVID-caused lockdown in March last year.
Theft of personal data such as name, email id, numbers, bank account details and locations is the distressing result of a cyber-attack that could expose people to the risks of phishing, fraud and scam attempts.
Experts believe that if tackling the issue is delayed, there will be a loss of personal data control, loss of confidentiality, as well as identity theft, limitation of rights, defamation and vandalism – among various other socio-economic risks.