Hackers leaked 20 million information to BigBasket users for free

A well-known data breach trader ShinyHunters posted a database on a hacker forum that he assumed was stolen from BigBasket.

Earlier in November 2020, BigBasket confirmed to Bloomberg that it had been under a data theft attack, and ShinyHunter had previously also attempted to sell the stolen data in a private sale. But now all of this information is publicly available for free.

Specific database includes BigBasket customer information, email address, SHA1 password, address, phone number and other types of information. The passwords are encrypted using the SHA1 algorithm and the forum members claim to crack 2 million passwords.

Of which about 700,000 users used a simple password called 'password'. In the past, ShinyHunters was responsible or involved in other data breaches, including Tokopedia, TeeSpring, Minted, Chatbooks, Dave, Promo , Mathway, Wattpad .

BleepingComputer has confirmed that some customer records are accurate, including specific information about the BigBasket service, recommending all BigBasket users to immediately change their passwords on BigBasket and at any website. else using the same password.