#1 Trending Cyber Security News & Magazine
Thursday, June 8, 2023
No Result
View All Result
The Cyber Express
  • MagazineDownload
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    Longhorn Cyber Attack

    Longhorn Cyber Attack Puts Data of 28000 Patients at Risk

    Thai Meteorological Department Cyber Attack

    Thai Meteorological Department Cyber Attack, LockBit Sets Deadline

    Lockbit Ransomware

    Cross City Tunnel and 23 New Victims: Lockbit Ransomware Gang Goes on a Hacking Spree

    MOVEit Data Leak

    Cl0p Ransomware Extends MOVEit Data Leak Deadline to June 14

    OpenAI Cyber Attack

    OpenAI Cyber Attack: Anonymous Sudan Claims to Carry ‘Test Attack’ on ChatGPT Creator

    HelloTeacher malware

    HelloTeacher Malware Impersonates Messaging Apps to Target Vietnamese Users

    MOVEit Vulnerability

    MOVEit Vulnerability Hits British Airways, BBC And More; Cl0p Ransomware Claims Attacks

    Adstra Cyber Attack

    LockBit Ransomware Group Claims Responsibility of Adstra Cyber Attack

    SEC charges Binance

    SEC Charges Binance and Founder Changpeng Zhao with 13 Violations

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    Martin Sloan, Five Years Of GDPR

    Five Years of GDPR: There is a Long Way to Run on Cross-Border Data Transfers

    Nokoyawa Ransomware Group

    All You Need to Know About The Nokoyawa Ransomware Group

    StopRansomware Guide

    Updated StopRansomware Guide Warns of Ransomware’s Shape Shifting Tactics

    Microsoft Entra

    Microsoft Build 2023: Microsoft Entra Introduced With New Identity and Access Features

    Data Protection Commission

    Irish Data Protection Commission imposes $1.3bn Fine on Meta

    US Police Auction Seized Cell Phones Without Wiping Data, Sparks Privacy Concerns

    US Police Auction Seized Cell Phones Without Wiping Data, Sparks Privacy Concerns

    disclosing cybersecurity incidents

    Why Victims Fail to Disclose Cybersecurity Incidents, And Why They Should

    Stakeholder Communication During Crisis

    Stakeholder Communication During Crisis: How to Get It Right

    Government Regulation of AI businesses

    Government Regulation of AI businesses: UK Competition Watchdog Launches Review

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Billtrust Appoints Ankur Ahuja

    Billtrust Appoints Ankur Ahuja as SVP and Chief Information Security Officer

    Cybertech Africa

    Cybertech Africa: The Pan-African Event for Innovation and Networking

    IBM Acquired Polar Security

    IBM Acquires Polar Security Reportedly For $60 Million

    World CyberCon Middle East 2023

    World CyberCon Middle East 2023: The Premier Cybersecurity Conference in the Region

    ODIN by Cyble

    Cyble Launches ODIN: A Revolutionary Tool for Unparalleled Internet Exploration

    cybersecurity investments

    Cybersecurity Investments Up in April, Market Watchers Predict Growth of Over $700 billion

    OilRig APT

    Experts Warn of Increased IT Supply Chain Attacks by OilRig APT in Middle East

    World Password Day 2023

    World Password Day 2023: Protect Your Password, Create an Unbreakable One

    national cybersecurity strategy

    US National Cybersecurity Strategy: Businesses, Let’s Start with Disclosure!

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon Middle East 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)
SUBSCRIBE
  • MagazineDownload
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    Longhorn Cyber Attack

    Longhorn Cyber Attack Puts Data of 28000 Patients at Risk

    Thai Meteorological Department Cyber Attack

    Thai Meteorological Department Cyber Attack, LockBit Sets Deadline

    Lockbit Ransomware

    Cross City Tunnel and 23 New Victims: Lockbit Ransomware Gang Goes on a Hacking Spree

    MOVEit Data Leak

    Cl0p Ransomware Extends MOVEit Data Leak Deadline to June 14

    OpenAI Cyber Attack

    OpenAI Cyber Attack: Anonymous Sudan Claims to Carry ‘Test Attack’ on ChatGPT Creator

    HelloTeacher malware

    HelloTeacher Malware Impersonates Messaging Apps to Target Vietnamese Users

    MOVEit Vulnerability

    MOVEit Vulnerability Hits British Airways, BBC And More; Cl0p Ransomware Claims Attacks

    Adstra Cyber Attack

    LockBit Ransomware Group Claims Responsibility of Adstra Cyber Attack

    SEC charges Binance

    SEC Charges Binance and Founder Changpeng Zhao with 13 Violations

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    Martin Sloan, Five Years Of GDPR

    Five Years of GDPR: There is a Long Way to Run on Cross-Border Data Transfers

    Nokoyawa Ransomware Group

    All You Need to Know About The Nokoyawa Ransomware Group

    StopRansomware Guide

    Updated StopRansomware Guide Warns of Ransomware’s Shape Shifting Tactics

    Microsoft Entra

    Microsoft Build 2023: Microsoft Entra Introduced With New Identity and Access Features

    Data Protection Commission

    Irish Data Protection Commission imposes $1.3bn Fine on Meta

    US Police Auction Seized Cell Phones Without Wiping Data, Sparks Privacy Concerns

    US Police Auction Seized Cell Phones Without Wiping Data, Sparks Privacy Concerns

    disclosing cybersecurity incidents

    Why Victims Fail to Disclose Cybersecurity Incidents, And Why They Should

    Stakeholder Communication During Crisis

    Stakeholder Communication During Crisis: How to Get It Right

    Government Regulation of AI businesses

    Government Regulation of AI businesses: UK Competition Watchdog Launches Review

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Billtrust Appoints Ankur Ahuja

    Billtrust Appoints Ankur Ahuja as SVP and Chief Information Security Officer

    Cybertech Africa

    Cybertech Africa: The Pan-African Event for Innovation and Networking

    IBM Acquired Polar Security

    IBM Acquires Polar Security Reportedly For $60 Million

    World CyberCon Middle East 2023

    World CyberCon Middle East 2023: The Premier Cybersecurity Conference in the Region

    ODIN by Cyble

    Cyble Launches ODIN: A Revolutionary Tool for Unparalleled Internet Exploration

    cybersecurity investments

    Cybersecurity Investments Up in April, Market Watchers Predict Growth of Over $700 billion

    OilRig APT

    Experts Warn of Increased IT Supply Chain Attacks by OilRig APT in Middle East

    World Password Day 2023

    World Password Day 2023: Protect Your Password, Create an Unbreakable One

    national cybersecurity strategy

    US National Cybersecurity Strategy: Businesses, Let’s Start with Disclosure!

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon Middle East 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Firewall Daily

BigBasket, Rentomojo, Now Zivame Data Breach: Indian E-Retail Has a Cybersecurity Problem

The cybercriminal group behind the alleged Zivame data breach was also linked to the recent Rentomojo cyber attack that impacted over 1.5 lakh users

Vishwa Pandagle by Vishwa Pandagle
May 23, 2023
in Firewall Daily, Hacker Claims
0
Zivame Data Breach
599
SHARES
3.3k
VIEWS
Share on LinkedInShare on Twitter

Zivame, an online lingerie store based in India, has allegedly been breached with the data of over 1.5 million users up for sale online. Zivame data breach is the latest in the long chain of Indian e-retailers that faced cyber attacks.

The stolen information from the Zivame data breach includes the names, emails, numbers, and addresses of the customers.

You might also like

NoName Hacker Group Sets Sights on Swiss Parliament and SSG in Cyber Assault

Have Your Patched This Google Chromium Vulnerability Yet?

When Hackers Take the Bait: ‘Sex Championship’ Ruse Sparks Operation OpSweden

According to reports, the cybercriminal group behind the alleged Zivame data breach was also linked to the Rentomojo cyber attack, the furniture rental startup. The group ‘ShinyHunters’ claimed to steal data belonging to nearly 1.5 lakh users from the Indian furniture company.

While the Rentomojo cyber attack incident was confirmed by the company, Zivame is yet to release any official statement addressing the Zivame data breach.

A large customer base and an equally large access points make Indian e-retail a low-hanging fruit for cybercriminals and data pilferers. It’s official: Indian e-retail has a cybersecurity problem.

Zivame data breach, hacker provides proof

The India Today Open Source Intelligence (OSINT) team, disguised as a customer, spoke with the cybercriminals regarding the stolen data. The cybercriminals claimed to sell all the stolen data from Zivame for $500 in cryptocurrencies, an India Today report read.

The cybercriminal claimed that the data was not leaked when they were approached. Only a sample dataset of over 1,500 users was provided as proof. The sample data contained names, addresses, and other contact information.

Zivame Data Breach
Redacted ample data on sale (Photo: India Today)

The news media contacted the individuals whose details were found in the dark web samples. They confirmed that it was their genuine information.

The Cyber Express emailed the company seeking confirmation about the alleged Zivame data breach. We will update the report post receiving a reply.

ShinyHunters became popular in 2020 when they claimed to steal over 200 million records from 13 companies. They also claimed a Microsoft data breach stealing source code from their private GitHub accounts.

The hacker group targets customers using Microsoft Office 365 and companies that store GitHub open authorization tokens.

They look for employee credentials from companies and GitHub repository code for vulnerabilities to gain access to systems.

Indian data breach statistics in the past few years

Data breaches have been found to have fallen by 75% in 2023, according to reports. This was because nearly 65 accounts in India were earlier hacked in a minute which dropped to 16 accounts per minute in Q1 2023.

This was despite India’s ranking in the 7th position among the most cyber-breached nations, globally. Over 8.5 million accounts were leaked in Q4 of 2022 which dropped to 2 million in Q1 of 2023.

2022 was the worst for India in terms of data breaches with the cyber attack on Delhi’s All-India Institute of Medical Sciences drawing attention to security gaps in systems. Of nearly 829 million cyber attacks globally in the fourth quarter of 2022, nearly 59% were Indian entities.

CERT-In found nearly 3,94,499 cyber incidents in 2019 and about 11,58,208 in 2020. In 2021, the number increased to 14,02,809.

A major cause for data breaches in India was found to be human errors as was with most other countries and organizations across the globe.

This reiterates the need for training in maintaining adequate cyber hygiene and not just the work areas of each employee.

Maintaining security from data breaches and preserving systems from cyber attacks

As preventive measures, it is important to enable remote monitoring of the network for detecting threats.

Besides monitoring, having data backups can help if the compromised systems were erased post the cyber attack. Automated remote backup systems can make it easier to keep a tab on data security.

Keeping only the data that a company requires and is legally entitled to be a must failing which the stored data gets vulnerable to hacks and further investigation from legal authorities.

Data retention standards must be strictly adhered to by companies to avoid amassing sensitive user information.

Not just online credentials, it is important to destroy or safely maintain physical documents that can be misused by criminals or insider threats. With most of the security tools in place, it is imperative to have the employee know how to report threats.

Indian e-retail has a cybersecurity problem

In the past decade, India’s online retail market has undergone a major transformation with experts predicting the the Indian e-commerce to cross $350 Bn mark by 2030, growing at a CAGR of 23%.

Another report released by consulting firm Bain & Company estimates India’s e-retail market to grow at 25-30% annual growth, with its shopper base expected to increase to 400–450 million by 2027, surpassing the US in the next couple of years.

However, the upward growth trajectory has also drawn the attention of cybercriminals, who are now targeting India’s online retail industry.

According to the Sophos State of Ransomware 2021, India’s retail industry is the most vulnerable to ransomware attack, with the hackers attacking unsecure local businesses.

Cybercriminals, as reported by Inc42 Media, are targeting retail ecommerce companies mainly for two reasons. One, quick access to sensitive data, both financial and personal. Second, e-retail, especially those that cropped up post the Covid-19 outbreak, are more susceptible to sophisticated cyber attacks since they have little to no focus on cyber security.

Moreover, the report highlighted that though customers trust the e-retailers, there can be major loopholes in the security that may not be able to prevent cyber attacks by seasoned cyber criminals.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: Zivame Data Breach
Previous Post

Gatwick Express Cyber Attack: NoName Ransomware Gang Takes Responsibility

Next Post

Chattanooga State Community College Cyber Attack Claimed by Snatch Ransomware

Vishwa Pandagle

Vishwa Pandagle

Vishwa Pandagle is a Technical Writer at The Cyber Express. She writes cybersecurity news related to data breaches, ransomware, phishing, and best practices among others. She also writes about cybersecurity developments and likes interacting with experts in this field. When not working, she likes self-reflecting, meditating, volunteering, and going for long walks.

Related Posts

NoName Hacker Group
Firewall Daily

NoName Hacker Group Sets Sights on Swiss Parliament and SSG in Cyber Assault

by Ashish Khaitan
June 8, 2023
Google Chromium vulnerability
Firewall Daily

Have Your Patched This Google Chromium Vulnerability Yet?

by Editorial
June 8, 2023
Operation OpSweden
Firewall Daily

When Hackers Take the Bait: ‘Sex Championship’ Ruse Sparks Operation OpSweden

by Editorial
June 8, 2023
Government Cybersecurity Preparedness
Features

A Tale of Two US Audits: Why Does Government Cybersecurity Preparedness Fail Miserably?

by Chandu Gopalakrishnan
June 8, 2023
Longhorn Cyber Attack
Firewall Daily

Longhorn Cyber Attack Puts Data of 28000 Patients at Risk

by Ashish Khaitan
June 7, 2023
Next Post
Community College Cyber Attack

Chattanooga State Community College Cyber Attack Claimed by Snatch Ransomware

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Issue is Out. Subscribe Now

Cyber express

CRIL


Follow Us On Google News

Never miss an update. Subscribe!

* indicates required

mailchimp

Latest Cyber News

NoName Hacker Group
Firewall Daily

NoName Hacker Group Sets Sights on Swiss Parliament and SSG in Cyber Assault

June 8, 2023
Google Chromium vulnerability
Firewall Daily

Have Your Patched This Google Chromium Vulnerability Yet?

June 8, 2023
Operation OpSweden
Firewall Daily

When Hackers Take the Bait: ‘Sex Championship’ Ruse Sparks Operation OpSweden

June 8, 2023
Government Cybersecurity Preparedness
Features

A Tale of Two US Audits: Why Does Government Cybersecurity Preparedness Fail Miserably?

June 8, 2023

Categories

Web Stories

Top 10 CISOs to Follow in 2023
Top 10 CISOs to Follow in 2023
Top 10 Ransomware Gangs in 2023
Top 10 Ransomware Gangs in 2023
Top 5 IoT Security Risks in 2023
Top 5 IoT Security Risks in 2023
Top 10 CTF Platforms in 2023
Top 10 CTF Platforms in 2023
Types of Risks Covered by Cyber Insurance
Types of Risks Covered by Cyber Insurance

About

The Cyber Express by Cyble

#1 Trending Cyber Security News and Magazine

The Cyber Express  by Cyble is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

 

Contact

For editorial queries: [email protected]

For marketing and Sales: [email protected]

For Events & Conferences related information: [email protected]

 

Quick Links

  • About Us
  • Advertise With Us
  • Contact Us
  • Editorial Calendar

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

 

India Office:

Cyber Express Media Network
HD-021, 4th Floor, C Wing, Building No.4. Nesco IT Park, WE Highway, Goregaon East, Mumbai, Maharashtra, India – 4000063

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News
  • Privacy Statement
  • Terms of Use
  • Write For Us

© 2022 The Cyber Express (Cyber Security News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Magazine
  • Firewall Daily
  • Essentials
    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • World CyberCon Middle East 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • Products
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)

© 2022 The Cyber Express (Cyber Security News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
Top 10 CISOs to Follow in 2023 Top 10 Ransomware Gangs in 2023 Top 5 IoT Security Risks in 2023 Top 10 CTF Platforms in 2023 Types of Risks Covered by Cyber Insurance