A threat actor claims to be selling 12TB of data allegedly stolen from Glaze Trading India Pvt, one of India’s leading direct selling companies. According to the threat actor, the data was acquired through a ransomware attack that has taken Glaze’s systems offline for over a week. The stolen information reportedly includes the company’s entire system databases, customer information, financial documents, and more.
Glaze Trading India Pvt. Ltd., also known as Glaze Galway, was founded in 2003 and has since grown to become a major player in India’s direct selling industry. The company boasts an extensive product portfolio, a network of over 120 state franchises, and approximately 1.2 million independent distributors. With annual sales of 480 crores and a group turnover of 1200 crores, Glaze is a prominent member of the Indian Direct Selling Association (IDSA). The company has significant plans for expansion into international markets, including South Asia and the UAE, and is involved in sectors ranging from construction and property development to agriculture and consumer goods.
The stolen data allegedly includes information stored in multiple websites’ databases, along with customer eKYC documents, banking details, phone numbers, and sensitive financial and accounting documents. According to the threat actor, they were able to download the entire dataset from Glaze’s S3 backups, containing everything from system files to confidential business documents.
Glaze Trading’s social media presence is notable, with nearly 120k likes on Facebook, over 500k subscribers on YouTube, and 1M+ downloads of their official Android app. The alleged data breach raises concerns over the security of the company’s vast customer base and business operations across multiple sectors.
