In a shocking revelation, a man named Sanjay Soni from Udaipur, Rajasthan, has been accused of stealing the personal data of over fifteen lakh women from the renowned e-commerce platform, Zivame. The stolen data, which includes sensitive information such as mobile numbers, addresses, dates of birth, email IDs, and even details about undergarments, was reportedly sold to unknown parties in Muslim nations.
Zivame Security Breach
Zivame, a popular e-commerce store specializing in lingerie, loungewear, and activewear, became the target of this massive data breach. The company, acquired by Reliance Retail in 2020, came under scrutiny when news of the breach broke. It was discovered that the hacker, Sanjay Soni, had gained unauthorized access to the website’s database and obtained sensitive customer information.
According to SportsGrail, the stolen data includes the personal details of at least 1.5 million Indian women, including their names, email addresses, phone numbers, and physical addresses. This information is particularly sensitive as Zivame’s primary business revolves around selling intimate apparel for women.
The breach has raised concerns about the potential misuse of this personal information, leading to privacy infringements and even possible harassment of affected individuals. This breach not only exposes the vulnerability of online platforms but also raises concerns about the safety and privacy of individuals in the digital age.
Blackmail And Legal Action
Sanjay Soni, the accused behind the data breach, reportedly attempted to blackmail Zivame by demanding payment in the form of cryptocurrency. Initially, the company tried to handle the situation discreetly and paid $1500 to the accused as a hush-up fee.
However, as the demands escalated, with an additional $1600 requested, Zivame realized the severity of the situation and contacted the Rajasthan Special Operations Group (SOG) to report the incident. Following an investigation, Sanjay Soni was apprehended on May 31, 2023.
During the interrogation, it was revealed that he had transferred $1000 to his own account, while the remaining amount had been transferred to another undisclosed account. The SOG subsequently produced the accused in court and he was remanded to judicial custody.
The Aftermath And Privacy Concerns
The data breach at Zivame has raised serious concerns about the privacy and security of personal information stored by online platforms. The stolen data poses a significant risk to the affected women, as it could potentially be misused or sold further on the dark web.
Reports indicate that the stolen data is now being offered for sale at a price of $500 in cryptocurrencies, heightening the threat to the privacy and well-being of the affected individuals.
Zivame, as the affected company, has faced criticism for its handling of the incident. While the Chief Technology Officer (CTO) has declined to comment on the alleged breach, the company’s silence on the matter has fueled public concern.
Users of online platforms, especially those dealing with sensitive personal information, now question the adequacy of security measures and the level of transparency exhibited by companies in safeguarding their data.
Strengthening Data Security And Privacy Measures
The Zivame data breach serves as a wake-up call for both online businesses and individuals regarding the need for robust data security measures. Companies must prioritize the implementation of stringent security protocols,
Including encryption, regular audits, and employee awareness programs, to safeguard user information. Simultaneously, users must remain vigilant and proactive in protecting their own data, employing strong passwords and enabling two-factor authentication.