IndiaMART, India’s largest online B2B marketplace for business products and services with 10 million downloads suffered a breach. Sensitive data of more than 40,000 suppliers is believed to be leaked and sold on online forums.
Information leaked include suppliers’ user IDs, full names, addresses, email addresses, and phone numbers. The data was found on two underground forums.
Ashok Krishna from threat monitoring platform CloudSEK discovered data being sold on online forums estimated to be around 44,000 records.Deepanjli Paulraj, from CloudSEK further explains “We have been able to validate the data. It does belong to active IndiaMART vendors.
Krishna states he used publicly found sources to verify that the data was legitimate. The sample contains records registered in February 2016, primarily from the state of Gujarat.
Source of leak is unknown as IndiaMart is yet to comment on the leak.
To stay safe from scams, phishing campaigns etc, it is advised that users check the legitimacy of emails and the domains before giving out any personal or financial information, change passwords, enable the two-factor authentication as an extra layer of security and never share their one-time passwords (OTPs).