A quick look at yet another data leak from an online eCommerce site — Bizongo.com . The news is still unfolding — So this post will be updated in the coming days.
- Who : Bizongo.com ( a B2B supply chain automation platform ) — registered as Smartpaddle Technology Pvt. Ltd., located in India. Has big Retail eCommerce clients like Flipkart, Amazon, Swiggy, Zomato etc as clients.
- How big : 2.5 million files carrying customer data ( names, phone numbers, billing and delivery address of customers ) 643GB of data.
- When did it happen : As early as December 2020
- What was the exploit : Leak happened through a mis-configured AWS S3 bucket owned by Bizongo.
- Implications : Definitely a credibility loss and should result in an internal enquiry about the efficacy of their Cyber Security team ( or the lack of )