Online shopping users of Flipkart are requested to reset their passwords due to certain security issues that could lead to misuse of information of the users.
An alleged leaked database of e-commerce store Big-Basket from accounts of Flipkart customers who also used Big-basket with the same ID and passwords could lead to unauthorised transactions.
According to the cybercrime expert, Rajshekhar Rajaharia, a set of email addresses and passwords were sold out by the cybercriminals from allegedly leaked databases of BigBasket. Most of the customers use the same ID and passwords for most of the websites.
He tweeted that some people are selling Bigbasket Email: Password combinations as Flipkart data. People are using the same password for all websites. Almost all emails are matching with Bigbasket DB (database). Change your Flipkart Passwords asap.
He also said Flipkart should secure its accounts.
It is possible for anyone with a combination of leaked email and password to easily log in from anywhere including VPN/TOR to Flipkart. It is better to use 2FA ( two-factor authentication) for all accounts.
The security expert stated that sites like Amazon have less risk of getting hacked as it sends an OTP for login when there is a change in the browser.
He also posted account details being sold on Telegram.
According to a spokesperson at Flipkart who has responded to the incident, the group is focused on maintaining the safety and security of customer data and has robust information security systems and control in place.
Also in order to create awareness on fraudulent activities they drive awareness campaigns across various media and social channels, educating customers on best practices for a safe online experience and to keep their accounts safe from unscrupulous cyber elements.