Bizongo Data Leak Exposed Details of Customers Making Online Purchases: Researchers

The security team at Web development firm Website Planet allegedly discovered a misconfigured Amazon Web Services (AWS) S3 bucket owned by Bizongo in late December.

Advertisement
By Jagmeet Singh | Updated: 13 April 2021 14:36 IST
Highlights
  • Bizongo was reported about the data breach on December 30
  • The company was found to have fixed the issue in January
  • Bizongo offers solutions for packaging, distribution, and inventory

Bizongo claims to have companies such as Amazon, Flipkart, and Swiggy on board

Bizongo, the business-to-business platform for supply chain automation, reportedly exposed 2.5 million files carrying customer data, according to security researchers. The exposed data is said to have included names, addresses, and phone numbers of various customers who were getting orders via the Mumbai-based company. In some cases, the researchers found bills containing purchase details and financial information of Bizongo clients. The company has Amazon, Flipkart, Myntra, Swiggy, and Zomato among the clients using its B2B supply chain and vendor management solutions.

The security team at Web development firm Website Planet allegedly discovered a misconfigured Amazon Web Services (AWS) S3 bucket owned by Bizongo that was leaking data in late December. The bucket included two different file types — customer bills and shipping labels.

Advertisement

According to the researchers, there were a total of 2,532,610 files that were exposed due to the misconfiguration — amounting 643GB of data.

The exposed data is said to include the names, billing and delivery addresses, and phone numbers of customers getting deliveries via Bizongo. Financial details of some customers and business clients were also a part of the misconfigured bucket, as per the researchers.

Advertisement

Bizongo was informed about the leaking data by the Website Planet team on December 30. The company did not provide a response regarding the issue, though the server misconfiguration was found fixed on January 8.

In March, Gadgets 360 reached out to Bizongo co-founder and CEO Aniket Deb to understand the data breach that was informed by the Website Planet researchers. The executive, however, didn't get back until the time of publishing this story.

Advertisement

“With clear examples of branded shipping labels and customer receipts, finding the owner of the breached database was reasonably straightforward. All of the exposed data was identified as accurate, with the data belonging to real individuals,” the Website Planet wrote in a blog post.

Gadgets 360 wasn't able to independently verify the accuracy of the exposed details. It is also unclear whether the exposed data was accessed by a bad actor until the issue got fixed.

Advertisement

The details available on the Bizongo website show that there are more than 70 e-commerce companies and over 50 food and beverage companies that work with the B2B platform. Amazon, Firstcry, Flipkart, Myntra, Swiggy, and Zomato are among the companies using its solutions that cater to areas such as artwork management, distribution, inventory management, and packaging sourcing.

Founded in 2015, Bizongo is backed by investors including Schroder Adveq, Accel, B Capital, Chiratae Ventures, and IFC. It reportedly raised $9.3 million (roughly Rs. 70.11 crores) in January.


Does WhatsApp's new privacy policy spell the end for your privacy? We discussed this on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.
 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement
Popular Mobile Brands
  1. OTT Releases This Week: Elle, Super Subbu, Enola Holmes 3, and More
  2. DJI Mic Mini 2S Launched With 32-Bit Float Recording, AI Noise Cancellation
  3. Alienware 15 Arrives in India as Dell's Most Affordable Gaming Laptop Yet
  4. Lumio Project Neo First Look: The Genius Phone-to-TV Bridge
  5. CMF's Himanshu Tandon Departs Firm After a 10-Month Stint
  6. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  7. Huawei Band 11 Series Over 100 Workout Modes Debuts in India: See Price
  8. Moto G77 Power Will Launch in India on This Date
  9. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  10. Samsung's Galaxy A18 May Feature These Chips Instead of Its Own Exynos SoC
  1. Huawei Band 11 Series Launched in India With 1.62-Inch Display, Over 100 Workout Modes: Price, Features
  2. Samsung Galaxy A18 Models Said to Drop Exynos Chip in Favour of MediaTek, Snapdragon
  3. DJI Mic Mini 2S Launched With 32-Bit Float Recording, AI Noise Cancellation: Price, Features
  4. Alienware 15 Launched in India With Up to Ryzen 7 260 CPU, RTX 4050 GPU: Price, Specifications
  5. PS Plus Monthly Games for July Include Call of Duty: Modern Warfare 3, For the King 2 and CrossCode
  6. Nothing Phone 4b RCB Edition Design, Colour Revealed Days Ahead of Debut
  7. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Launched in India With 1.2-Inch Display, Up to 13 Days Battery Life
  8. Redmi Note 17 Series Launch Timeline Teased, Company Touts Display Upgrades and Longer Battery Life
  9. Lava Probuds T51, Xscape 13° Neckband With Up to 70 Hours Battery Life Launched in India: Price, Features
  10. Best Noise Cancellation Headphones in India to Buy This Amazon Prime Day: boAt Rockerz 650 Pro, JBL Tune 520 BT and More
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.