Threat actors behind the recent Juspay data breach, which compromised 35 million of its users’ credit and debit card details, are now selling databases of three more India-based enterprises – ClickIndia, ChqBook, and WedMeGood on Darknet forums. ClickIndia is an E-marketplace, ChqBook is a fintech startup, and WedMeGood is a wedding planning platform. All three companies have a significant customer base and hold a lot of sensitive information.
According to cybersecurity researcher Rajshekhar Rajaharia, threat actors that go by the name “ShinyHunters” are selling data dumps that contain 8 million records of ClickIndia (name, email, mobile and other personal details), 1 million records of ChqBook (name, email, mobile, full address, and other personal details), and 1.3 million from WedMeGood (name, email, hashed password, other sensitive personal information). Rajaharia has opined that there might be some connection between all these data breaches.
Same hacker who was selling @JusPay DB now selling DBs of more Indian companies on Dark Web. @clickindia – 8Mn @chqbook – 1Mn @wedmegood – 1.3Mn. Same Hacker also selling @bigbasket_com too. May be a strong connection between all these recent data leaks. #InfoSec #DataLeak #GDPR pic.twitter.com/zs0mA7NjLR
— Rajshekhar Rajaharia (@rajaharia) January 6, 2021
As per reports, ShinyHunters was also behind the BigBasket data breach, previously reported by the security firm Cyble in November 2020. BigBasket, an India-based grocery e-commerce platform, suffered a data breach incident that exposed personal details of over two crore customers. The stolen database was available for sale on a dark web market. Hackers sold the database for over $40,000 with the table name “member_member.” The size of the database (SQL file) was around 15 GB and contained over 20 million customers’ personal data.