boAt’s Privacy Ship is Sinking, 7.5 Million Customers’ Data Leaked
Apr. 8, 2024Recently, the Indian budget audio products company boAt was in the news for overtaking Xiaomi and Samsung to become the second largest (first being Apple) wearables maker in the world. However, now, the brand is in a very risky spot. There has been a massive data breach that has leaked the data of7.5 million boAt customers, asreported by Forbes India.
The leaked data includes thePII (Personally Identifiable Information)of these customers. Now, this data includes the names, addresses, phone numbers, email IDs, and more of these customers. The information was leaked on a dark web platform called BreachForums. The 13GB data wascompressed to 2GBand posted on the platform by a threat actor who goes byShopifyGUY.
From the looks of it, this is the one and only leak by the threat actor, who seems new to the wicked scene of cyberattacks. The compressed data is available todownload on the forum for just 8 credits, which is equivalent to ~$2 or Rs 180. So, one can only guess that the critically sensitive data will fall into the hands of people with illegal intentions. From there, it will only be a matter of time for these customers to be subjected to phishing attacks, identity thefts, and so on.
As per the data trove, the data was leaked a month ago and the threat actor uploaded it yesterday on the forum.
Threat Intelligence Researcher Saumay Srivastava sheds light on how threat actors can use this leaked data to getaccess to credit card information, getunauthorized access to bank accounts, and more. Srivastava says, “The consequences for companies include a loss of customer confidence, legal consequences,and reputational harm. The major implications make it even more essential to implement adequate security practices.”
So, what comes next? Companies have to learn from each others’ mistakes and solidify their privacy walls to counter such attacks. 7.5 million users’ worth of data is far from being a small thing. Founder of Social Brigade, Yash Kadakia, stated that boAt needs to let the customers in on the situation at hand and look into how the data got leaked in the first place.
What Should You Do if You’ve Purchased a boAt Product in Past?
At the time of writing, boAt hasn’t yet said anything about this data breach. But, one thing is for sure. They really need to work on establishing proper security measures to prevent such data breaches from reoccurring in the future.
If you have purchased a boAt product in the past, there are chances that your data including your phone number, email ID, and address might have leaked. We recommend our readers employ privacy mechanisms like 2FA for their social media and bank accounts. Using strong passwords and changing them routinely is also a good practice.
What do you think about this entire fiasco? Let us know in the comments down below.
Sagnik is a tech aficionado who can never say “no” to dipping his toes into unknown waters of tech or reviewing the latest gadgets. He is also a hardcore gamer, having played everything from Snake Xenzia to Dead Space Remake.
