{ "id": "7ebf2fbb-bf86-4528-9f78-ab290ccefba5", "created_at": "2026-04-06T00:15:32.474723Z", "updated_at": "2026-04-10T03:34:59.515541Z", "deleted_at": null, "sha1_hash": "a14f7e7f7e0183bd9dccbdfda61511f80e58a75b", "title": "Hacker leaks 20 million alleged BigBasket user records for free", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 4077329, "plain_text": "Hacker leaks 20 million alleged BigBasket user records for free\r\nBy Lawrence Abrams\r\nPublished: 2021-04-25 · Archived: 2026-04-05 18:22:41 UTC\r\nA threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed\r\npasswords on a popular hacking forum.\r\nBigBasket is a popular Indian online grocery delivery service that allows people to shop online for food and deliver it to\r\ntheir homes.\r\nThis morning, a well-known seller of data breaches known as ShinyHunters posted a database for free on a hacker forum\r\nthat he claims was stolen from BigBasket.\r\nhttps://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nBigBasket database leaked for free\r\nIn November 2020, BigBasket confirmed to Bloomberg News that they had suffered a data breach after ShinyHunter had\r\npreviously tried to sell the stolen data in private sales.\r\n“There’s been a data breach and we’ve filed a case with the cybercrime police,” BigBasket CEO  Hari Menon told\r\nBloomberg News. “The investigators have asked us not to reveal any details as it might hamper the probe.”\r\nAs is typical for older breaches privately sold by ShinyHunters, the threat actor has now released the whole database for\r\nfree, which reportedly contains more than 20 million user records.\r\nInfamous threat actor ShinyHunters just leaked the database of BigBasket, a famous Indian online grocery\r\ndelivery service. (@bigbasket_com)\r\n20,000,000+ clients affected and information such as emails, names, hashed passwords, birthdates and phone\r\nnumbers were leaked. pic.twitter.com/tD5TMxNkH7\r\n— Alon Gal (Under the Breach) (@UnderTheBreach) April 25, 2021\r\nThe database includes BigBasket customer information, including email addresses, SHA1 hashed passwords, addresses,\r\nphone numbers, and other assorted information.\r\nSample of records in the database\r\nThe passwords are hashed using the SHA1 algorithm, and forum members have claimed to crack 2 million of the listed\r\npasswords already. Another member claims that 700k of the customers used the password 'password' for their accounts.\r\nIn the past, ShinyHunters has been responsible for or involved in other data breaches, including Tokopedia, TeeSpring,\r\nMinted, Chatbooks, Dave, Promo, Mathway, Wattpad, and many more.\r\nWhat should BigBasket customers do now?\r\nAs BleepingComputer has confirmed that some of the records are accurate, including information specific to the BigBasket\r\nservice, customers should play it safe and assume that their customer info has been leaked as well.\r\nIt is strongly suggested that all BigBasket users immediately change their passwords on BigBasket and at any other sites\r\nusing the same password.\r\nA password manager is recommended to help you manage the unique passwords you use at different sites.\r\nhttps://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/\r\nhttps://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/" ], "report_names": [ "hacker-leaks-20-million-alleged-bigbasket-user-records-for-free" ], "threat_actors": [ { "id": "c071c8cd-f854-4bad-b28f-0c59346ec348", "created_at": "2023-11-08T02:00:07.132524Z", "updated_at": "2026-04-10T02:00:03.422366Z", "deleted_at": null, "main_name": "ShinyHunters", "aliases": [], "source_name": "MISPGALAXY:ShinyHunters", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "6f7f2ed5-f30d-4a99-ab2d-f596c1d413b2", "created_at": "2025-10-24T02:04:50.086223Z", "updated_at": "2026-04-10T02:00:03.770068Z", "deleted_at": null, "main_name": "GOLD CRYSTAL", "aliases": [ "Scattered LAPSUS$ Hunters", "ShinyCorp", "ShinyHunters" ], "source_name": "Secureworks:GOLD CRYSTAL", "tools": [], "source_id": "Secureworks", "reports": null }, { "id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d", "created_at": "2022-10-25T16:07:24.139848Z", "updated_at": "2026-04-10T02:00:04.878798Z", "deleted_at": null, "main_name": "Safe", "aliases": [], "source_name": "ETDA:Safe", "tools": [ "DebugView", "LZ77", "OpenDoc", "SafeDisk", "TypeConfig", "UPXShell", "UsbDoc", "UsbExe" ], "source_id": "ETDA", "reports": null }, { "id": "75108fc1-7f6a-450e-b024-10284f3f62bb", "created_at": "2024-11-01T02:00:52.756877Z", "updated_at": "2026-04-10T02:00:05.273746Z", "deleted_at": null, "main_name": "Play", "aliases": null, "source_name": "MITRE:Play", "tools": [ "Nltest", "AdFind", "PsExec", "Wevtutil", "Cobalt Strike", "Playcrypt", "Mimikatz" ], "source_id": "MITRE", "reports": null }, { "id": "d8dff631-87b0-4320-8352-becff28dbcf1", "created_at": "2022-10-25T16:07:24.565038Z", "updated_at": "2026-04-10T02:00:05.034516Z", "deleted_at": null, "main_name": "ShinyHunters", "aliases": [], "source_name": "ETDA:ShinyHunters", "tools": [], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434532, "ts_updated_at": 1775792099, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/a14f7e7f7e0183bd9dccbdfda61511f80e58a75b.pdf", "text": "https://archive.orkl.eu/a14f7e7f7e0183bd9dccbdfda61511f80e58a75b.txt", "img": "https://archive.orkl.eu/a14f7e7f7e0183bd9dccbdfda61511f80e58a75b.jpg" } }