BigBasket.com

High Impact

1 October 2020

•

21,435,553 records affected

•

Dehashed

Search on Google

Description

In October 2020, BigBasket, a popular Indian grocery platform, experienced a data breach. Over 20 million customer records were affected, with sensitive information such as email addresses, IP addresses, physical addresses, names, phone numbers, full dates of birth, and passwords secured with Django(SHA-1) hash. Initially sold on dark web markets, the data was leaked publicly in April of the following year.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity