[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam

[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam

SUMMARY

A gang of 45 have been arrested for illegally sourcing ecommerce user data

Whether Flipkart and Myntra authorised the data sourcing has not yet been verified

India saw the second-highest number of cyber-attacks between 2016 and 2018

Data of Flipkart and Myntra users was reportedly compromised by a phishing group operating from two offices in Noida. The city police’s cybercrime cell arrested 45 people working in a fake call centre setup. 

The gang was found to be in possession of sensitive user data including names, email IDs, shipping address, customer buying history and order IDs, according to a media report. 

Vaibhav Krishna, chief of Noida Police reportedly said that the data was in fact sourced from the ecommerce companies Flipkart and Myntra but they are still investigating whether the companies had authorised this data sourcing. 

Interestingly, almost half (22) of the arrested people were women. According to the police, the gang conned customers by posing as Flipkart and Myntra representatives and offered cashbacks to customers on past purchases. 

In some cases, the customers were offered a 10%-20% discount on their next purchase towards which they had to pay a registration amount (INR 3K-10K) through UPI or online transaction made to the caller. Dileep Saroj, the alleged head of the gang is yet to be arrested, the report added. 

This is not the first case of phishing reports in ecommerce companies. In April this year, the Uttar Pradesh Special Task Force also caught a similar gang responsible for the data leak of 14 Lakh online shoppers, amounting to a loss of INR 200 Cr. 

The Nandan Rao Patel-led gang targeted customers of major ecommerce platforms such as Flipkart, Amazon, Myntra, Paytm, Snapdeal, Shopclues, and HomeShop18 among others. Similar to the latest incident, scammers in UP made fake calls, posing as the representatives of ecommerce companies and convinced customers to transfer money. . 

Cybersecurity Concerns Rise In India

According to the Data Security Council of India (DSCI) report, India saw the second-highest number of cyber-attacks between 2016 and 2018. The average cost incurred for a data breach in the country has also risen 7.9% since 2017, with the average cost per breached record amounting to INR 4,552 ($64). The Indian government has also announced plans to launch a cybersecurity policy by January 2020. 

Cybersecurity company Sequretek found Pankit Desai told Inc42, “As new-age business models shift from supply chain centricity to value chain centricity; the link between various companies’ technologies has become one of the biggest security gaps that businesses will have to fight in the near future.” 

He also noted the upcoming adoption of 5G network will further intensify cybersecurity risks for businesses in India.

Ecommerce companies had been setting multiple checks and balances to mitigate these cases of online fraud. Artificial intelligence startup ThirdWatch has also developed a solution for ecommerce companies to catch possible fraudulent transactions. The company’s AI systems generate a flag for every transaction and give it a risk score which can then be evaluated by the ecommerce company. 

Update | 12:47, Nov 29, 2019

In response to an Inc42 query, Flipkart spokesperson said, “We are yet to receive specific information on the investigation that was conducted by the Noida police.”

“Flipkart Group is absolutely focused on maintaining the safety and security of our customer data and have robust systems and controls in place to safeguard data. The company has a strong information security process aligned to global industry standards such as ISO 27001, PCI-DSS,” the company added.

In order to prevent any more such incidents, the company claimed to be running awareness campaigns across various media and social channels, educating and cautioning customers on this industry-wide problem of fraudulent offers made via SMS, email, or other mediums, we drive awareness campaigns.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam-Inc42 Media
[UPDATE] Flipkart, Myntra User Data Compromised Again In Phishing Scam-Inc42 Media
You’re in Good company