IndiaMart Suffers Supplier Data Breach

Security Checkers Security

IndiaMart suffers data breach; Details of 40,000 suppliers leaked online

IndiaMart, a popular business-to-business ecommerce website, has been recently targeted by hackers, who were able to obtain sensitive data of more than 40,000 suppliers across the country. 

The leak was discovered when details belonging to thousands of suppliers was put up for sale on online forums and underground websites. The database contains suppliers’ user IDs, full names, addresses, email addresses and phone number, it has emerged. 

Researcher Ashok Krishna from threat monitoring platform CloudSEK, who discovered the breach, said that the details are enough for hackers to launch a phishing campaign, scams and even identity theft. 

“Usually our mobile numbers and email IDs are linked to banking, mobile wallet, and other online accounts,” a blog post explains.

“Having these details makes it easier for threat actors to compromise the victims’ accounts.”

Deepanjli Paulraj, lead cyber intelligence editor at CloudSEK, said: “We have been able to validate the data. It does belong to active IndiaMART vendors.”

“Whether a bug in the IndiaMART website or an unsecured database, if not remediated, could put six million-plus suppliers on the platform at risk,” he added. 

Meanwhile, IndiaMart downplayed the incident and says the data was readily available. 

“At the outset, we would like to clarify that sellers basic contact information is a public information and is advertised on IndiaMart and other places like a printed directory, other internet portals and search