More than 20 million BigBasket users’ data were recently leaked on a well-known hacking forum known as “ShinyHunter” It’s a popular online grocery delivery service in India, that allows users to order groceries online and convey them to their homes.
A hackers forum user, ShinyHunter has recently posted the leaked database of BigBasket users for free, and not only that even the ShinyHunter has also claimed that he has stolen this database from BigBasket.
Moreover, the leaked database contains more than 20 million personal information and hashed passwords of the BigBasket users.
We have already reported a previous BigBasket data leak last in November 2020, in which Over 20 Million BigBasket Customers Data Exposed in DarkWeb.
According to the reports, earlier when in Nov 2020 BigBasket itself has confirmed this data breach, at that time ShinyHunter tried to trade this stolen database in the private sales of the hackers’ forums.
Apart from this, the CEO of the BigBasket, Hari Menon affirmed that the experts urged them to not reveal any information regarding this data breach, as this could impede the investigation.
Generally, ShinyHunter sells all the older breached databases privately in private sales of hackers’ forums. But, now according to the reports, ShinyHunter has recently released the whole database for free that contains more than 20 million personal information and passwords of the BigBasket users.
The security experts have professed that ShinyHunter is also implicated in other data breaches like Tokopedia, TeeSpring, Minted, Chatbooks, Dave, Promo, Mathway, Wattpad, and it goes on.
The other members of the forum where ShinyHunter posted the leaked database of 20 million users have managed to decode 2 million passwords, and not only that even another member of that forum also claimed that more than 700k users of this leaked database have used “password” as their password for BigBasket account.
The leaked database contains the following details of BigBasket users:-
So, as a security measure, the analysts have recommended all the users of BigBasket to immediately change their passwords of BigBasket accounts, and also on the sites where they are using these same leaked passwords.
Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…
EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…
A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and…
A surge in phishing text messages claiming unpaid tolls has been linked to a massive…
The State Bar of Texas has confirmed a data breach following the detection of unauthorized…