Data Leak — B2B eCommerce Platform Bizongo

What we know so far about the Bizongo.com data breach

From the bizongo.com site

A quick look at yet another data leak from an online eCommerce site — Bizongo.com . The news is still unfolding — So this post will be updated in the coming days.

• Who : Bizongo.com ( a B2B supply chain automation platform ) — registered as Smartpaddle Technology Pvt. Ltd., located in India. Has big Retail eCommerce clients like Flipkart, Amazon, Swiggy, Zomato etc as clients.
• How big : 2.5 million files carrying customer data ( names, phone numbers, billing and delivery address of customers ) 643GB of data.
• When did it happen : As early as December 2020
• What was the exploit : Leak happened through a mis-configured AWS S3 bucket owned by Bizongo.
• Implications : Definitely a credibility loss and should result in an internal enquiry about the efficacy of their Cyber Security team ( or the lack of )

Links

Bizongo Data Leak Exposed Details of Customers Making Online Purchases: Researchers