E-commerce data breach exposes millions of accounts

A recent data breach at Indian e-commerce company Dukaan exposed sensitive information belonging to millions of shoppers over a period of more than two years.

The problem originated on an Apache Kafka server that remained open to the public, transmitting more than 270,000 messages with customer and transaction information every day. This allowed cybercriminals potential access to financial data such as card numbers, expiration dates, and CVV codes, putting the financial integrity of thousands of users at risk.

Impact of the data breach on users

The scope of the data breach was so severe that it compromised not only payment information but also personal data that could be used for fraud, identity theft, or targeted phishing campaigns. Dukaan, which serves more than 3.5 million merchants and has around 16 million customers worldwide, fixed the vulnerability on October 8.

For more than two years, the exposed database was publicly available, which could have facilitated unauthorized access to the purchase histories and payment credentials of thousands of merchants and consumers.

A lesson for Mexico in cybersecurity

Although the case occurred in India, it represents an important warning for Mexico. With the growth of e-commerce in the country, companies must strengthen their cybersecurity protocols to prevent similar breaches. Consumers should also take preventive measures, such as changing passwords regularly, enabling two-step authentication, and verifying the legitimacy of the sites where they make purchases.

At Cyberpeace, we recommend maintaining constant vigilance over the protection of financial and personal data. Prevention and knowledge are essential to protect your digital identity and avoid becoming a victim of cyberattacks.

Want to learn how to protect your information online? Follow us on social media and stay up to date with the latest news and tips on digital security.

• LinkedIn 

• Facebook 

• Instagram 

• X 

• YouTube