The data, sold for $ 40.000, include information including full names, email IDs, hash passwords, PINs, contact numbers, addresses, dates of birth, location and login IP addresses.
The Bangalore-based company has lodged a complaint with the city's cybersecurity authority and is trying to assess the extent of the breach in collaboration with security experts at the cyberspace.
"The privacy and confidentiality of our customers is our priority and we do not store financial data, including credit card numbers, and we are confident that this financial data is secure," said the company, which is backed by Alibaba.
"The only customer data we hold are email IDs, phone numbers, order details and addresses, so these are details that could have been compromised. "We have a strong information security framework that uses the best resources and technologies in the category to manage our information."
According to Cyble, the alleged infringement took place on October 14 and BigBasket management was updated on this November 1.
Of course BigBasket is not the only company that has been breached. There are many online shopping platforms that have been attacked by malicious agents and their users' data has been exposed on the internet and in illegal forums around the world.
Internet security experts say that while online commerce has made our lives easier, it poses new risks to our data security as it becomes an increasingly popular target for Criminals of cyberspace. As they suggest, users should be careful about the information they provide, not use the same passwords and if they notice suspicious movements in their accounts, they should contact their bank immediately.