image courtesy: thefinancialexpress
Online shopping users of Flipkart are urged to reset their passwords due to security issues found, which could lead to the information of the users in danger. As a large amount of database from e-commerce store Big-Basket could be leaked of Flipkart customers who also used Big-basket with the same ID and passwords, experts said on Wednesday.
According to the cybercrime expert, Rajshekhar Rajaharia, a set of email addresses and passwords were sold out by the cybercriminals from allegedly leaked databases of BigBasket. As most of the customers using the same ID and passwords as most of the websites.
“It seems, some people are selling Bigbasket Email: Password combinations as Flipkart data. People are using the same password for all websites. Almost all emails are matching with Bigbasket DB (database). Change your Flipkart Passwords asap,” Rajaharia tweeted.
He also said Flipkart should secure its accounts.
“Anyone with a combination of leaked email and password can easily log in from anywhere including VPN/TOR to Flipkart. Please mandatory 2FA ( two-factor authentication…
Talking about other e-commerce sites like Amazon which has less risk of getting hacked as it sends an OTP for login when there is a change in the browser.
Also, he posted account details being sold on Telegram.
“In parallel, to create awareness on fraudulent activities we drive awareness campaigns across various media and social channels, educating customers on best practices for a safe online experience and to keep their accounts safe from unscrupulous cyber elements,” the spokesperson said.
In response to the incident, Flipkart spokesperson said that the team is absolutely focused on the security and safety of the customer data, no negligence shall be done. All the security systems and information is under control.
Queries sent to Amazon and BigBasket did not elicit any immediate response.