BoAt, India's largest audio and wearables brand, is investigating a possible data breach after hackers advertised a cache of customer data online.
Samples of purported customer data were uploaded to known cybercrime forums and included names, phone numbers, email addresses, mailing addresses, and order numbers. Some of the data reviewed by TechCrunch appears to be authentic based on matching it with publicly available phone numbers.
The hacker said the breach occurred in March and the data of more than 7.5 million customers was compromised.
In a statement emailed to TechCrunch, BoAt said it was investigating the issue, but did not provide further details.
“BoAt is aware of recent allegations regarding a potential data breach involving customer information. We take these allegations seriously and immediately launched a comprehensive investigation. Protecting them is our top priority,” the company said.
The leaked data includes references to Shopify. Indian news outlet Atenir reported that the alleged hackers claimed to have obtained the data using credentials stolen from BoAt's systems.
According to data provided by IDC, BoAt counts Warburg Pincus and South Lake Investment among its key investors and leads the wireless earphone market in India with around 34% share. BoAt also dominates the wearables market in India, with around 26% market share.
In 2022, BoAt, valued at $300 million following a $100 million Series B round in 2021, filed for an IPO to raise up to $266 million. However, the brand later postponed its listing plans due to a slowdown in the public market.