Tokopedia, Indonesia’s largest ecommerce platform, said it was investigating an attempted hack, claiming that the data of millions of users has been leaked online. “We found that an attempt had been made to steal data from Tokopedia users,” a spokesperson said in a statement late Saturday.
“However, Tokopedia ensures that critical information such as passwords are successfully protected behind encryption.” At the moment we are continuing to investigate this issue and there is no additional information we can share, added the statement.
Data breach monitoring company Under the Breach published a Twitter post on Saturday with screenshots of an unnamed person claiming that he had obtained the personal information of 15 million Tokopedia users during a hack in March 2020 on the ecommerce site. According to the screenshots, which show names, emails and birthdays, the hacker claims that he or she owns a much larger user database and asks for help “cracking” user passwords.
Under the Breach, which monitors cybercrime, said on Sunday that the hacker updated the post detailing 91 million users for ” 5,000 on the Darknet.” The company shared a screenshot of the hacker’s online offering. Backed by 2 billion in investor funding, including SoftBank Group Corp.’s Vision Fund and Alibaba, Tokopedia, whose founder and CEO William Tanuwijaya is one of the country’s leading tech entrepreneurs, claims over 90 million monthly active users.
Tokopedia did not immediately respond to requests for comment on the hacker’s new claims. A spokesman declined to comment on the original screenshots on Saturday.