Saturday, October 16, 2021

Indian supply-chain giant Bizongo suffers a massive data breach

Must Read

UK judge Rejects Assange Extradition Request of WikiLeaks founder

The London judge ruled that Julian Assange would be at extreme risk of suicide if he were sent across...

Networking equipment vendor Belden Reveals data breach

Belden says hackers obtained a restricted number of the firm's servers.American media equipment seller Belden stated it had been...

Brave browser disables Google’s FLoC ad-tracking technology

Brave, a Chromium-based browser, has removed FLoC, Google's controversial alternative identifier to third-party cookies for tracking users across websites.Brave...

Indian start-ups have been hit with a string of data breaches in recent days, and Mumbai-based digital supply-chain giant Bizongo reportedly became the latest name in the list on Tuesday.

Bizongo, an online packaging marketplace has suffered a data leak in which the company left highly sensitive customer information unsecured and potentially exposed to hackers and other malicious individuals.

Bizongo, which has Amazon, Flipkart, Myntra, Swiggy, and Zomato among the clients using its business-to-business (B2B) supply chain and vendor management solutions, exposed nearly 2.5 million files (amounting to 643 GB of data) carrying customer data, which is said to include names, delivery addresses, billing addresses, and phone numbers as well as payment details of clients. 

The reason behind the incident is the company’s misconfigured AWS S3 data bucket. The bucket included two types of files — customer bills and shipping labels.

This may impact Bizongo heavily, leading to loss of business and credibility and a fall in reputation.

Customer Data Leaked During That Time

  • PII data: Names, delivery addresses, billing addresses, and phone numbers of buyers have been exposed.
  • Payment details: Bills containing purchase details and financial details of clients, along with shipping tracking numbers and financial data of buyers and sellers.

However, on 8th January 2021, the team checked the bucket again and the breach was Not found. During this period, approximately 2,532,610 files were exposed, equating to 643GB of data. 

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This