Bengaluru: Zivame, an e-commerce store for women’s lingerie, lounge wear, active wear and other apparel has faced a data breach and now several Indian women’s personal data has been put up online for sale.
According to the report, threat actors have put personal information of at least 1.5 million Indian women, who accessed the Zivame website as customers, for sale.
The information put online for sale include name, email, phone number as well as the physical address of the female customers of Zivame. Notably, information of this site are of immensely sensitive considering the primary sale of the e-commerce site is lingerie for women.
The India Today Open Source Intelligence (OSINT) team had spoken to one of the threat actors and claimed that the OSINT possessed the alleged data and willing to sell it for $500 in cryptocurrencies.
In their operation, India Today encountered a seller who insisted that the data they were selling was not available in public domain. The seller, according to the report, also shared sample dataset of over 1,500 users, containing their names, addresses, and contact details. The seller insisted on receiving payment only in cryptocurrency, which is a common practice in such cases.
According to the report, this data hack was undertaken by the same group who in the pas had allegedly sold 7.1 million LinkedIn profile data and 1.21 million Rentomojo (furniture renting start-up) data.
Earlier, this month, the former chief security officer for Uber was sentenced to probation for trying to cover up a 2016 data breach in which hackers accessed tens of millions of customer records from the ride-hailing service.
Discussion about this post