Cyber intelligence firm Cyble stated it discovered conversations between cybercriminals and ShinyHunters on November 10
On November 8, BigBasket had filed a police grievance over the hacking incident that affected over 2 Cr customers
Cyble claimed that the breach occurred on October 30, 2020 and it knowledgeable Bigbasket in regards to the suspected threats on this regard
Cyber intelligence agency Cyble, which had publicly notified a cyber assault on grocery supply platform Bigbasket, has now revealed that hacking group “Shinyhunters” is supposedly behind the info breach. Knowledge associated to over 2 Cr customers was compromised within the assault on Bigbasket.
The corporate revealed {that a} dialog between one other cybercriminal and ‘Shinyhunters’ has surfaced on RaidForums on November 10. Shinyhunters is a bunch infamous for being lively on darkish net hacking marketplaces, and the group is promoting a database containing a mixed whole of 73.2 Mn person data throughout 11 completely different corporations. The group is alleged to be operational since 2015 below a wide range of aliases corresponding to Shiny Hunters, Gnostic Gamers.
On November 8, BigBasket had filed a police grievance on this regard with Cyber Crime Cell in Bengaluru and is verifying claims made by cyber consultants.
Cyble stated {that a} hacker has put knowledge allegedly belonging to BigBasket on sale for round INR 30 lakh. The corporate claimed that the breach occurred on October 30, 2020 and it has already knowledgeable the administration of Bigbasket about it.
“A few days ago, we learnt about a potential data breach at BigBasket and are evaluating the extent of the breach and authenticity of the claim in consultation with cybersecurity experts and finding immediate ways to contain it. We have also lodged a complaint with the Cyber Crime Cell in Bengaluru and intend to pursue this vigorously to bring the culprits to book,” BigBasket had stated in a press release.
The corporate added that doesn’t retailer any monetary knowledge together with bank card numbers on its servers and is assured that every one monetary knowledge associated to customers is safe. “The only customer data that we maintain are email IDs, phone numbers, order details, and addresses so these are the details that could potentially have been accessed. We have a robust information security framework that employs best-in-class resources and technologies to manage our information. We will continue to proactively engage with best-in-class information security experts to strengthen this further,” Bigbasket had stated on the time.
