Friday, July 23, 2021

Indian supply-chain giant Bizongo suffers a massive data breach

Must Read

GoDaddy has confirmed that workers became embroiled in broader cryptocurrency attacks.

GoDaddy workers were exploited to ease attacks on multiple cryptocurrency exchanges through social engineering and phishing. Staff in the domain...

Singapore is strengthening guidelines for the financial services sector

The revised technical risk management guidelines include financial institutional directives to use “strong oversight” of arrangements with third-party service...

Mozilla will roll out its VPN service in Germany and France in Q1 2021

Mozilla is expected to expand its virtual private network (VPN) offering in Germany and France by the end of...

Indian start-ups have been hit with a string of data breaches in recent days, and Mumbai-based digital supply-chain giant Bizongo reportedly became the latest name in the list on Tuesday.

Bizongo, an online packaging marketplace has suffered a data leak in which the company left highly sensitive customer information unsecured and potentially exposed to hackers and other malicious individuals.

Bizongo, which has Amazon, Flipkart, Myntra, Swiggy, and Zomato among the clients using its business-to-business (B2B) supply chain and vendor management solutions, exposed nearly 2.5 million files (amounting to 643 GB of data) carrying customer data, which is said to include names, delivery addresses, billing addresses, and phone numbers as well as payment details of clients. 

The reason behind the incident is the company’s misconfigured AWS S3 data bucket. The bucket included two types of files — customer bills and shipping labels.

This may impact Bizongo heavily, leading to loss of business and credibility and a fall in reputation.

Customer Data Leaked During That Time

  • PII data: Names, delivery addresses, billing addresses, and phone numbers of buyers have been exposed.
  • Payment details: Bills containing purchase details and financial details of clients, along with shipping tracking numbers and financial data of buyers and sellers.

However, on 8th January 2021, the team checked the bucket again and the breach was Not found. During this period, approximately 2,532,610 files were exposed, equating to 643GB of data. 

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This