Indian start-ups have been hit with a string of data breaches in recent days, and Mumbai-based digital supply-chain giant Bizongo reportedly became the latest name in the list on Tuesday.
Bizongo, an online packaging marketplace has suffered a data leak in which the company left highly sensitive customer information unsecured and potentially exposed to hackers and other malicious individuals.
Bizongo, which has Amazon, Flipkart, Myntra, Swiggy, and Zomato among the clients using its business-to-business (B2B) supply chain and vendor management solutions, exposed nearly 2.5 million files (amounting to 643 GB of data) carrying customer data, which is said to include names, delivery addresses, billing addresses, and phone numbers as well as payment details of clients.
The reason behind the incident is the company’s misconfigured AWS S3 data bucket. The bucket included two types of files — customer bills and shipping labels.
This may impact Bizongo heavily, leading to loss of business and credibility and a fall in reputation.
Customer Data Leaked During That Time
- PII data: Names, delivery addresses, billing addresses, and phone numbers of buyers have been exposed.
- Payment details: Bills containing purchase details and financial details of clients, along with shipping tracking numbers and financial data of buyers and sellers.
However, on 8th January 2021, the team checked the bucket again and the breach was Not found. During this period, approximately 2,532,610 files were exposed, equating to 643GB of data.