ShinyHunters targeted BigBasket over 20million data breach exposing for free!
_cb173edbde%2FUntitled-design-(1)_Untitled_design_(1)_cb173edbde.png&w=3840&q=75)
Continue reading
BigBasket was lately discovered to be under a serious data breach exposing over 20 million user data on the same hacking forum, which also hosted the breached database of Facebook, LinkedIn & Clubhouse in their previous breaches. BigBasket, which is a popular online grocery store that delivers groceries over pan India, has already confirmed that it might have encountered a possible data breach months before this revelation hit the web. ShinyHunters, an infamous threat actor, was reportedly behind this alleged breach who published the database for free, claiming it to be from BigBasket.

While this isn't the first time for BigBasket as in the past, also they have been targeted multiple times. In November last year, the company confirmed in a report by Bloomberg News that there was an attempt of a data breach after 'ShinyHunter' had previously made an effort to get rid of the stolen data in private sales.
* There’s been a data breach, and we’ve filed a case with the cybercrime police, BigBasket CEO Hari Menon told Bloomberg News. The investigators have asked us not to reveal any details as it might hamper the probe.*
It came to everyone's attention after Alon Gal tweeted about this, along with a couple of samples yesterday, revealing that the database includes personal credentials such as email, phone number, address, SH1 hashed passwords, date of birth, & scores of interactions they had with the service and other assorted information.
Infamous threat actor "ShinyHunters" just leaked the database of "BigBasket, a famous Indian 🇮🇳 online grocery delivery service. (@bigbasket_com)
— Alon Gal (Under the Breach) (@UnderTheBreach) April 25, 2021
20,000,000+ clients affected and information such as emails, names, hashed passwords, birthdates and phone numbers were leaked. pic.twitter.com/tD5TMxNkH7

Although no one from BigBasket commented on this yet.
All the passwords are hashed using the SHA1 algorithm, and in the subsequent posts on the same thread, several other members claimed to have decoded over 2 million of the hashed passwords and tried selling them over. Another member claims that 700K of the users used the same string 'password' for their accounts. But ShinyHunters didn’t immediately respond to a text requesting comment.

Backdoor.Daxin, the kernel-mode rootkit Symantec once called the most advanced tool ever tied to a China-linked espionage actor, has been found running again