IndiaMart data breach, 20 million unique email ids

[D C]

Just received an email from haveibeenpwned regarding indiamart breach.

Had this news article linked in the email.

Data breach or data scraping? With over 38 million records up for grabs, IndiaMART has some answering to do

On Monday, Troy Hunt, creator of data-breach record index Have I Been Pwned, put out a tweet asking for the coordinates of the security contact at IndiaMART.

m.economictimes.com

 

[Kaleen Bhaiya]

Wished there was a roll-eye emoticon other than the usual 6. At this point people have become just used to it.

 

[DrkLord]

Wished there was a roll-eye emoticon other than the usual 6. At this point people have become just used to it.

There won't be massive outrage in India until it is too late and a substantial number of people feel the effects of data theft...which with how everything is getting connected to everything else might lead to identity theft and what not.

 

[kalph09]

This data breach will hurt businesses as IndiaMart dealt mostly with B2B customers.

Having worked for one of their main rivals a long time ago. For me, this is no surprise considering the outdated system they used. What surprised me was why it took so long.

 

[DrkLord]

What surprised me was why it took so long.

Perhaps only discovery of breach is recent. Perhaps the hackers aimed their guns on Indian sites only now. Anyway, sad state of affairs.

 

[rdst_1]

Indiamart only has phone numbers and email addresses mostly. Most people, including me, don't even use their messaging system.

 

[kalph09]

Lol.

 

[nRiTeCh]

I'm awaiting massive google data breach!

 

[lockhrt999]

I'm awaiting massive google data breach!

I hope everyone here got their $2.15

Google+ class action starts paying out $2.15 for G+ privacy violations

Google exposed the private data of 52 million users in 2018 and got sued.

arstechnica.com

This data breach will hurt businesses as IndiaMart dealt mostly with B2B customers.

Having worked for one of their main rivals a long time ago. For me, this is no surprise considering the outdated system they used. What surprised me was why it took so long.

That's a problem with most Indian startups these days. They push half baked products on the consumer.

Most of the services we use have been hacked and breached at some point. All of your email ids and passwords are in public domain already. I was going to post data breach report of my email id but the list is too bloody long to post here.

Nevertheless, to summarize, my email and its passwords have been stolen from the breaches on:
123RF
BigBasket
Disqus
Jefit
last.fm
LinkedIn (I don't even remember signing up here)
MySpace
Zomato
Zoomcar
Adobe

These are the companies who have came forward. Most companies won't come forward.

If you had account with above websites then the password is already in public domain.
If you ever had a virus on your computer and if you save passwords in chrome then your passwords have already been stolen.
If you save passwords on chrome and if you have ever shared your printer/document/music directory on LAN then you have already exposed chrome passwords and history openly.