It seems Poorvika, one of the largest tech retailers in India, recently suffered a massive data breach exposing highly sensitive information. Leaked data contains personally identifiable information of employees and customers.
Security researcher Jeremiah Fowler discovered an unsecured database containing over 8 million documents with a total size of 725.8 GB. The database contained a folder that includes SQL backups, app backups, and website source codes.
The data also has 53,885 PDF files including tax invoices and payment receipts. These documents also exposed partial credit card numbers. He also found employee data, including salary and bank account information.
Jeremiah Fowler sent an email to Poorvika and notified them about the publicly available data. The company protected the data on the same day without any response to Fowler.
This is not the first time when someone claimed to have access to Poorvika data. Back in Match, the SiegedSec hacker group also claimed to have the database of Poorvika. The alleged 15GB database of Poorvika included personal information, financial, information, staff data, and more.
The previous claim also talked about similar data, but smaller in size. It seems they only got part of it, while Jeremiah Fowler managed to get the whole database.
Jeremiah Fowler found the publicly available database and he responsibly notified the company. But SiegedSec hacker group also had access to the data. They may have also sold this data to other threat actors and scammers. So, Poorvika customers and employees are at risk.
If you have ever bought something on Poorvika, you need to be careful. Change your Poorvika account password. In case you are using the same password on other websites, change the password everywhere. You may also be a target of phishing attacks, So, be extra cautious with your emails. PII records can also be used for Identity theft and in committing financial fraud.
