BigBasket’s database has reportedly been listed on the dark web. This work has been done by a hacking group named ShinyHunters. This database, listed online, includes important information of users like email address, name, date of birth and phone number.
Infamous threat actor “ShinyHunters” just leaked the database of “BigBasket, a famous Indian ???????? online grocery delivery service. (@bigbasket_com,
20,000,000+ clients affected and information such as emails, names, hashed passwords, birthdates and phone numbers were leaked. pic.twitter.com/tD5TMxNkH7
— Alon Gal (Under the Breach) (@UnderTheBreach) April 25, 2021
Cyber-security researcher Rajshekhar Rajaharia told Gadgets 360 that the leaked database is related to the breach, which BigBasket itself confirmed in November last year.
ShinyHunters made the alleged BigBasket database available for download on the dark web last weekend. It is also said to include hashed passwords of affected customers. However, there is news that some passwords in plain text have now been put up for sale on the dark web.
Meanwhile, the website “Have i Been Pwned?”, which provides information to users about the leakage of their data, has been launched. has also sent emails to inform some affected users about the data leak.
You can check whether your information is in this database or not through Have I Been Pwned. You have to enter your email id or mobile number registered in BigBasket in the box given on the home page and click on the ‘pwned’ button. This website will show information about all the agreements made with the e-mail address you entered.