Another major Indian firm has fallen prey to a massive cyberattack. This time, the victim is a Fortune India 500 List company: Mumbai-headquartered Aditya Birla Group (ABG). The conglomerate includes Aditya Birla Fashion and Retail Ltd. (ABFRL) as well as businesses in other sectors. The leaked database consists of monetary and transaction particulars with 21GB of ABFRL invoices.
Data with over 5.4 million electronic mail addresses have been allegedly scraped from the Aditya Birla Group-owned platform and posted publicly. The alleged database consists of private buyer data corresponding to names, telephone numbers, addresses, dates of births, order histories, bank card particulars, and passwords. The alleged Aditya Birla Fashion and the Retail database has been made public by a hacker group often called ShinyHunters. To check if you are part of the violation, visit the Have I Been Pwned website and enter your email or phone number.
What data has been published?
ShinyHunters has now published private data from ABFRL that includes:
- ABFRL employee data (full name, email, birth date, physical address, gender, age, marital status, salary, religion, and more)
- ABFRL customer data and hundreds of thousands of invoices
- Website source code and server reports.
The potential impact of a data breach for ABFRL employees, customers, and affiliates
With the amount of sensitive data in this release, many people could be impacted. As we noted above, there is lots of private information that has already been released, including sensitive payment details. This puts ABFRL customers, employees, and affiliates at risk of:
- Financial fraud
- Identity theft
- phishing attempts
- social engineering attacks
- hacked accounts
- social security scams
As always, we recommend closely monitoring your bank statements, credit cards, financial information, email, and all online accounts for fraudulent activity.
Credit Card Data, Too?
ShinyHunters informed that although they acquired customers’ credit card data with expiration date and CVV — and that ABFRL Pantaloons knows that ShinyHunters is in possession of such data, the firm has allegedly not informed customers about the breach of card data. To check if you are part of the violation, visit the Have I Been Pwned website and enter your email or phone number.
Thanks for Reading!!