Lesson to learn from Zivame data breach!
2024-03-17Lingerie purchases are personal and knowing this information is exposed can be a major privacy concern for women. Lingerie is often associated with intimacy and sexuality. Having purchase details leaked feels like a violation of privacy. The leaked data could be used for targeted advertising, harassment, or even judgements.
E-commerce platforms should be transparent about what data they collect, how it's used, and how they ensure security. Data breaches are a growing concern, and consumers deserve better protection for their personal information.
Founded in 2011, Zivame offers a range of women’s innerwear. The Bengaluru-based startup raised a total of $69.2 million in funding. In 2020, Reliance Retail, a subsidiary of Reliance Industries, which is one of the largest conglomerates in India with interests ranging from oil to telecommunications, acquired Zivame. This acquisition was part of Reliance Retail's broader strategy to expand its presence in the retail sector, particularly in e-commerce.
Zivame experienced a data breach, exposing the personal information of 1.5 million Indian women for sale onl the dark web and the messaging app Telegram. Threat actors are selling the compromised data, including names, email addresses, phone numbers, and physical addresses, for $500 in cryptocurrencies.
According to India Today, the supposed threat actor offered them a sample dataset of 1,500 users including their names, contact details and addresses in order to “verify the credibility of the data”. Using the data provided, India Today was able to confirm that those in the dataset given were Zivame customers. The hacker claimed that the information was not publicly available.
One of the data samples the broker shared also included details about individual purchases — but does not contain payment-related information. The data was pulled offline later, apparently at the hacker’s request.
Advise to the Zivame customers:
• Change your Zivame account password and consider using a password manager to create strong, unique passwords for all your online accounts.
• Be cautious of phishing emails or calls that may try to trick you into revealing personal information.
• Monitor your bank statements for any suspicious activity.
It's important to clarify that news reports indicate the breach did not expose "vital statistics" of customers, which typically refers to body measurements. There is no confirmation that such private information was part of the data breach.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.