New Delhi: Indian companies are getting more prone to sophisticated digital attacks, the latest victim of an alleged data breach is Gurgaon based wedding planning website – WedMeGood. According to US-based Cybersecurity firm – Cyble Inc, data of 1.34 million users have leaked online.
The international security firm said they got the sense of the leak through a Russian-speaking forum. The leak checked by Cyble researchers contains a database portion; with the table name ‘member’. The size of the clear text file is ~500MB, containing close to 1.34 million user data. The leaked data includes email IDs, password hashes, contact numbers, and activity records, among others.
The security firm claims that they have informed the management team of WedMeGood about the leaks who are working towards a disclosure process.
WedMeGood is an Indian wedding planning website and app which brings together different wedding vendors under one platform showcasing their work, price and reviews. The company, which was founded in 2014 is a one-stop solution provider for wedding planners, photographers, caterers, card publishers, make-up artists, designer wears, venue and banquet etc.
The listed data leaked indicates the activity log dated from May 2015 to September 2020. Cyble in its blog said that victims of data breaches need to act fast in order to better combat the consequences of the unethical release of secure or private information to untrusted parties.
The cybersecurity company in its another post also claims that it has found complete- 100 per cent sensitive data of Haldirams leaked by Maze on their website in the dark web. The data consists of various types of sensitive information within 8 compressed files.
The story of ransomware attack and data breach involving Haldirams was first reported by The420.in. Confirming the report, Cyble said the leaked data includes internal emails, financial documents – including tax and payroll details of some employees, vendor related documents, ex gratia payment details, and PAN cards among other sensitive details. Most of these documents contain information from 2016, with details from F.Y. 2015-16 as well. The data comprises multiple excel and pdf files that are not password protected.
- Here are a few ways to prevent cyber-attacks:
- Never click on unverified/unidentified links
- Do not open untrusted email attachments
- Only download media from sites you trust
- Never use unfamiliar USBs
- Use security software and keep it updated
- Backup your data periodically
- Keep passwords unique and unpredictable
- Keep Software and Systems up to date
- Train employees on Cyber Security
- Set up Firewall for your internet
- Take a Cyber Security assessment
- Update passwords regularly