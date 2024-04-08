- Popular smartwatch and audio device manufacturer, boAt, has been hit by a major data breach
- Personal details of 7.5 million users have been stolen and are now being sold on the dark web
- A hacker by the name of ShopifyGUY has claimed responsibility for the attack.
boAt suffered a major data breach in which the data of 7.5 million users were stolen and is now being sold on the dark web. The stolen data includes the name, address, email ID, contact number, and customer ID of the users. Overall, about 2GB of data has been stolen from the company.
The report of the attack was first published by Forbes but was later confirmed through interaction with customers who have purchased boAt products.
A hacker that goes by the name ShopifyGUY has claimed responsibility for the attack. This is a relatively new hacker – we didn’t find any records of other major data breaches that they might have done.
boAt was founded by Shark Tank judge Aman Gupta, and Sameer Mehta in 2016. It is India‘s fastest-growing audio and wearables brand.
Timeline & Impact of The Breach
The news was made public yesterday but experts believe that it was compromised at least a month ago.
Speaking of the impact, these types of massive data breaches have long-term effects. The data is available for just 8 credits online. This means, for just 2 Euros, anyone can have the information of the victims. After a few days, the data might even surface on Telegram for free.
Considering the type of data stolen, identity theft and financial fraud are also some possibilities. Scammers might also create fake profiles using the stolen credentials and then target friends and acquaintances of the victims by impersonating them.
As for the company, the consequences will be equally severe.
boAt’s Response & The Next Course Of Action
boAt has neither responded to our request for comment nor made any official statement about the incident yet.
But, Security Brigade founder, Yash Kadakia, has some suggestions.
- He feels the first step should be to notify the affected customers and see if there’s anything they can do to reduce the damage.
- Next, a thorough investigation should be conducted to find how the hacker got access to the company’s internal network and what else might have been compromised.
- It’s important to gauge the extent of the attack to minimize the damage.
- Last but not least, the company also needs to revamp its security measures to prevent another attack in the future.
