What happened?

Bizongo, a Mumbai-based Indian supply chain giant, was recently discovered by Website Planet researchers to have been compromised through a breach of its servers. The company's AWS servers exposed more than 640 GB of user data. The data is said to have been stored in a misconfigured AWS S3 bucket.

How much data is said to be affected?

According to the researchers at Website Planet, the breach is worrying because the customer data exposed through the misconfigured AWS S3 bucket is said to be highly sensitive and confidential. The misconfigured server was potentially exposed to hackers and other harmful individuals.

Who are said to be at risk due to the data breach?

The following are at risk:

  • Registered users
  • Users who have placed an order via the Bizongo platform.
  • Users who have sent orders via the platform.
  • Anyone who has placed an order with the company.

What kind of sensitive user data has been exposed in this breach?

The following data is said to have been exposed in this breach:

  • Full name.
  • Billing addresses.
  • Delivery addresses.
  • Phone numbers.
  • Invoice bills related to purchases.
  • Financial details of buyers and sellers.
  • Tracking numbers of the shipments.

Bizongo left this unsecured data sitting in its AWS S3 bucket, which was not properly configured as far as security is concerned.

As a result, 2,532,610 files were exposed, totalling 663 GB of data.

What kind of ill effects can this type of data breach have on connected businesses?

Bizongo works with over 750 manufacturers and supplies packaging to more than 400 clients. This means that businesses working with Bizongo are affected by this breach.

These are some of the well-known businesses that work with Bizongo:

  • Saso.
  • Jodhpur.
  • Delhivery.
  • Box 8.
  • Bunge.
  • Neolite.
  • Snapdeal.
  • Carnival Group.
  • Jio.
  • Cure.fit.
  • Swiggy.
  • Flipkart.

Any other businesses that have partnered with Bizongo or work with it on a daily basis are also affected.

Does this data breach affect normal end users?

When such massive data breaches or leaks occur, it is always correct to assume that you too might be affected by them. Since a lot of critical and confidential information has been leaked in this breach, these are the kinds of things that can happen to users in the near future:

  • Identity Theft.
  • Scam.
  • Financial frauds.
  • Monetary thefts.

What can you do (as a business/user) to protect your data?

Data breaches, data leaks, DDoS, ransomware attacks, defacement of websites and so on can be quite damaging, not only to the finances of an organisation or individual but also to their reputation and other aspects of their standing in the industry. There aren't any proactive countermeasures that can help you during such attacks, though. Hence it is always better to prepare, as prevention is better than cure.

Here are some preventive steps you can take against such scenarios:

  • Educate and train yourself and your employees against such attacks. Training against known attack procedures can help you in the long run.
  • Do not open any email whose source can't be trusted. Report it to your admins for further investigation.
  • Back up all the data stored on your devices or servers. It is always better to have offline backups, which come in handy in such scenarios.
  • Rely on good, trusted security tools and solutions. There can be no compromise here, as they are guarding your business.
  • Keep your private and work devices separate. If that is not possible, at least use different user environments on the devices.
  • Always check for bugs and vulnerabilities in the hardware and software you use on the respective manufacturer's page. Manufacturers release patches for their products, so be sure to install those patches on time.
  • Use a trusted VPN provider for your own or your organization's devices and network. Don't fall into the free VPN trap. They usually don't work and store your information.
  • Always keep your devices up to date. Install all the latest patches and drivers, and only those released by the hardware manufacturer of your devices.
  • Try not to access websites whose identity cannot be verified. Most of these websites can be identified by their shady UI and their offers of paid software for free.
  • Always listen to your IT security consultant and plan your steps accordingly. You might know your business well, but your IT security consultant knows your systems and network better.
  • Always make sure that the servers you use (on-site or cloud) are properly configured, and that the configuration is done by a professional.
  • Hire a good security consultant with pentesting skills who can make sure that everything is in its correct place and that there is no chance of a data leak or of open ports that could lead to a data breach.
  • Never pay ransom to ransomware operators. Paying never ensures that you will get your data back or that the operators will not publish or delete your data.
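For the point above about properly configured cloud servers, and the misconfigured S3 bucket behind this breach, here is a simplified public-exposure check as an added example (not part of the original article, and not Bizongo's actual configuration). It assumes you already have a bucket's policy, ACL grants and Block Public Access flags in the shapes the S3 GetBucketPolicy, GetBucketAcl and GetPublicAccessBlock APIs return; the function names and sample data are constructed for illustration.

```python
import json

# Group URIs S3 uses in ACL grants for "everyone" and "any AWS account".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}

def _is_wildcard(principal):
    """True for Principal "*" or {"AWS": "*"}, also when given as a list."""
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    if isinstance(principal, str):
        principal = [principal]
    return "*" in (principal or [])

def audit_bucket(policy_json, acl_grants, pab):
    """Return findings for one bucket. pab holds the Block Public Access
    flags; a missing flag counts as False (not enforced)."""
    findings = []
    for grant in acl_grants:
        who = PUBLIC_GROUPS.get(grant.get("Grantee", {}).get("URI"))
        if who and not pab.get("IgnorePublicAcls", False):
            findings.append(f"ACL grants {grant['Permission']} to {who}")
    statements = json.loads(policy_json).get("Statement", []) if policy_json else []
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    for st in statements:
        if st.get("Effect") != "Allow" or not _is_wildcard(st.get("Principal")):
            continue
        if st.get("Condition"):  # may or may not be public: flag for a human
            findings.append(f"policy allows {st['Action']} to * under a Condition: review manually")
        elif not pab.get("RestrictPublicBuckets", False):
            findings.append(f"policy allows {st['Action']} to anyone on the internet")
    return findings

# Constructed sample inputs for illustration only.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-invoices/*"}]})
SAMPLE_ACL = [{"Grantee": {"Type": "Group",
               "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
               "Permission": "READ"}]
OPEN = {}  # no Block Public Access configured on the bucket
LOCKED = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
          "BlockPublicPolicy": True, "RestrictPublicBuckets": True}

if __name__ == "__main__":
    for label, pab in (("open", OPEN), ("locked", LOCKED)):
        print(label, audit_bucket(SAMPLE_POLICY, SAMPLE_ACL, pab))
```

An empty result means this simplified check found no public grant; it does not evaluate account-level settings or every policy condition.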

By Siddhant Pathak

Cyber security architect, 7+ years experience in cyber security industry, Tech savvy, Nature lover, Bullet 350 rider
