Data Breaches

20 million BigBasket user records leaked online


Around 20 million BigBasket user records containing personal information and hashed passwords were leaked on a popular hacking forum.

BigBasket is a popular Indian online grocery delivery service by which people can shop online for food and deliver it to their homes.

ShinyHunters, a famous seller of data breaches posted a database for free on a hacker forum that he claims to have stolen from BigBasket.

In November 2020, BigBasket confirmed that they had suffered a data breach after ShinyHunter had previously tried to sell the stolen data in private sales.

Similar to older breaches privately sold by ShinyHunters, the threat actor has now released the whole database for free, which reportedly contains more than 20 million user records.

The database includes BigBasket customer information, including email addresses, SHA1 hashed passwords, addresses, phone numbers, and other assorted information.

The passwords are hashed using the SHA1 algorithm, and forum members have claimed to crack 2 million of the listed passwords already. Another member claims that 700k of the customers used the password ‘password’ for their accounts.

All BigBasket users are highly recommended to immediately change their passwords on BigBasket and at any other sites using the same password.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    3.2 billion leaked passwords contain 1.5 million records with government emails

    Previous article

    Apple fixes macOS zero-day bug exploited by Shlayer malware

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *