Online grocery platform BigBasket has become the latest cyber attack target in India.
The company has faced a potential data breach with the information of more than 20 million customers on the darkweb for sale, according to the US-based cybersecurity intelligence firm Cyble.
The data, which sells for $ 40,000, includes full names, email ID, password hash (OTP potentially hash), PIN, contact numbers, addresses, dates of birth, location, and login IP addresses, among other bits of information, says a Cyble blog post.
The Bengaluru-based start-up has filed a complaint with the city’s cybercrime cell and is evaluating the extent of the breach and the authenticity of the claim in consultation with cybersecurity experts.
“The privacy and confidentiality of our customers are our priority and we do not store any financial data, including credit card numbers, and we are confident that this financial data is safe,” the Alibaba-backed company said in a statement.
“The only customer data that we keep is email IDs, phone numbers, order details, and addresses, so these are the details that could have been accessed. We have a solid information security framework that uses the best resources and technologies to manage our information ”, he added.
According to Cyble’s blog post, the alleged breach occurred on October 14 and BigBasket’s management was informed about it on November 1.
While online commerce has made life easier, this convenience could come at a cost, experts say.
Last month, Hyderabad-based pharmaceutical company Dr Reddy’s had to shut down its plants around the world after a cyberattack on its servers. In May of this year, Unacademy, an educational technology startup backed by Facebook, had become the target of a cyberattack with the data of more than 20 million users of the platform leaked and put up for sale on the darkweb.
According to an IBM survey, the average cost of a data breach in India reached ~ 14 crore in 2020, a 9.4 percent increase from last year, as the average time to contain a data breach increased 77 to 83 days a year. The top three causes of data breaches are malicious attacks, system failures and human errors in the country, the report added.
While the view is uniform that data is a critical asset that can help sharpen business reach and increase profits, it should be treated as a tradable asset, experts say.
“Rather than treating it as a commodity to be hidden behind massive security measures, industry and regulatory bodies should move towards treating data as a tradable asset and a data economy infrastructure where consumers will feel more comfortable and a little richer and data hackers have less incentive to violate and sell it, ”said Ankit Chaudhari, CEO and founder of Aiisma, a data marketplace.
“Otherwise, security will continue to become expensive and hackers sophisticated, a scenario in which neither the consumer nor the business wins,” Chaudhari added.
Dear reader,
Business Standard has always strived to provide up-to-date information and feedback on developments that are of interest to you and that have broader political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering has only strengthened our determination and commitment to these ideals. Even during these difficult times arising from Covid-19, we remain committed to keeping you informed and up-to-date with credible news, authoritative opinions, and incisive commentary on relevant current affairs.
However, we have a request.
As we fight the economic impact of the pandemic, we need your support even more so that we can continue to bring you more quality content. Our subscription model has received an encouraging response from many of you, who have subscribed to our content online. Increased subscription to our online content can only help us achieve our goals of bringing you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practice the journalism to which we are committed.
Support quality journalism and subscribe to Business Standard.
Digital editor
.
