Data breach by hacker of Netmeds pharmacy company

Executive Summary
A newly registered threat actor has surfaced, claiming unauthorized access to the backend panel and complete customer database of Netmeds, a prominent online pharmacy in India. The listing asserts that the dataset includes comprehensive customer profiles, order histories, and prescriptions. However, no sample data has been provided at the time of this report.

Key Points

  • The threat actor claims to have administrative access to the Netmeds customer management system.
  • The dataset allegedly contains information on approximately 6.4 million users.
  • Data fields purportedly include emails, phone numbers, gender, date of birth, addresses, order histories, and prescriptions.
  • The actor is requesting communication via Telegram and has not shared any proof of access.

Assessment

Netmeds is a well-established digital pharmacy platform in India. If the claims are authentic, this breach could expose sensitive health-related data, including personally identifiable information (PII), prescription records, and delivery details. Such data holds significant value on the underground market, as it can be exploited for fraud, identity theft, and phishing attacks, particularly those impersonating medical or regulatory institutions.

The individual behind the listing is newly registered on the hacker forum and has not provided any sample data or technical evidence, raising doubts about the credibility of the claim. Nevertheless, due to the sensitive nature of the allegedly exposed information, this incident requires close monitoring.

Key Intelligence Gaps

  • No technical evidence or database samples have been provided.
  • It remains unclear whether the access includes live backend control or is limited to an exported dataset.

Intelligence Requirements

  • Validation of the threat actor’s claims through independent verification.
  • Ongoing monitoring for future leaks or activities related to Netmeds.
  • Investigation into any vulnerabilities or previous incidents associated with the platform.