A threat actor using the alias qpwomsx has claimed responsibility for an alleged data breach affecting the popular Indian online shopping platform, Meesho. However, the legitimacy of this Meesho data breach is under scrutiny, as the threat actor seems to have reposted data from 2020 and only joined the platform in May 2024, raising questions about their credibility. On Nuovo BreachForums, qpwomsx displayed what they claimed was a database from Meesho, presenting snippets of data as proof. These excerpts, which included names, email addresses, and phone numbers, initially raised concerns. However, upon closer examination, a twist emerged: the sample records provided were identical to those from the 2020 IndiaMART database leak, which affected about 38 million user records. This discovery casts significant doubt on the credibility of qpwomsx's claims about a Meesho data breach.

Unconfirmed Meesho Data Breach Surfaces on Dark Web

[caption id="attachment_68336" align="alignnone" width="1333"] Source: Dark Web[/caption] The discrepancies didn't end there. The Cyber Express further analyzed the claims and found inconsistencies within the data itself. Specifically, discrepancies between names and associated phone numbers raised red flags. Given qpwomsx's brief tenure on the platform and apparent credibility issues, discerning the authenticity of the Meesho data breach becomes a daunting task. However, examining the stolen data paints a perplexing situation as the majority of the email addresses are valid and deliverable. Along with the emails, the data appears to be a compilation of personal information belonging to individuals, predominantly based in India.  Alongside names, email addresses, and phone numbers, additional details such as location and workplace affiliations were also included. However, the presence of "null" values suggests potential gaps or inaccuracies within the dataset.

The IndiaMART Data Breach Link

The Cyber Express has reached out to the e-commerce giant to learn more about this alleged Meesho data leak. However, at the time of writing this, no official statement or response has been shared, leaving the claims for the data breach unverified.  Moreover, parallels emerge between the purported Meesho breach and the 2020 IndiaMART data leak, which exposed sensitive information from over 40,000 suppliers. IndiaMART, a prominent business-to-business e-commerce platform, was also targeted in a cyberattack in 2020. Despite assertions from the company that only basic contact information is publicly available, cybersecurity researchers found an extensive exposure of sensitive data. Interestingly, the stolen data from the IndiaMART data leak is similar to the current Meesho data breach, raising concerns about the authenticity of the leak and the motives behind it.  This is an ongoing story and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the alleged Meesho data breach or any official confirmation from the Indian e-commerce giant. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.