boAt, a homegrown audio and wearable brand has started investigating a possible data breach involving its customer information, experts on Tuesday said that the users should be on the lookout for unsuspecting, uninitiated communications from the company or any other services related to the brand that seek additional information, such as password or two-factor authentication codes.
Several reports have claimed that the cyber breach compromised the data of over 7.5 million customers of boAt.
Maheswaran S, Country Manager South Asia, Varonis, told IANS: "The breach revealed that over 7.5 million customers' sensitive information, including names, emails, phone numbers, addresses, and customer IDs, has been compromised and is now circulating on the dark web."
"This trove of data presents a lucrative opportunity for cybercriminals to orchestrate targeted and sophisticated social engineering attacks," he added.
In the 2023 IBM Cost of a Data Breach report, the average cost of a data breach for organisations reached $4.45 million, while the average cost per record reached $165, a nominal increase from 2022, which saw the average cost per record reach USD 164.
According to Tenable's senior staff research engineer Satnam Narang, the more sensitive information present in stolen data, the higher asking price can be expected.
"In the case of the alleged boAt data breach, it’s been reported that it is being sold by the attacker for a little over a few USD 2 or around Rs 160," Narang said.
In addition, Harshil Doshi, Country Director, India & SAARC, Securonix, advised that affected users should change their account passwords, deploy two-factor authentication, stay alert for any social engineering attacks and look out for further updates from the company.
A boAt's Spokesperson said that the company is aware of recent data breach claims and "safeguarding customer data is our top priority."
ALSO READ: Ola focusing on Indian market, set to shut down global operations
Inputs from IANS