bigbasket
HighIn 2020, bigbasket experienced a breach exposing 24M customer records, including sensitive data.
- Records exposed
- 24,500,011 records
- Breach date
- Breach Oct 14, 2020
- Last update
- Updated Apr 26, 2021
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In October 2020, the Indian online grocery platform bigbasket experienced a data breach that compromised information from over 24 million customer accounts. The breach exposed sensitive data including email addresses, IP and physical addresses, names, phone numbers, dates of birth, and passwords stored using an insecure hashing method (Django SHA-1). Initially sold in underground marketplaces, the leaked data eventually became publicly available in April 2021.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Users risk identity theft and unauthorized access due to exposed sensitive information.
- Business Impact
- Bigbasket faced reputational damage and potential legal/regulatory consequences due to the breach.
- Affected Sectors
- Retail
- E-commerce
- Geographic Impact
- India
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Change your bigbasket account password if you used this platform before October 2020.
- •Monitor accounts and transactions for unusual activity.
- •Enable two-factor authentication on all online accounts.
Preventive Measures
- •Use strong, unique passwords for every website.
- •Regularly monitor accounts for suspicious activity.
- •Prefer platforms that use strong encryption methods for password storage.
Frequently Asked Questions
Common questions about this breach and what it means for you.