Tokopedia Got Hacked – Leading to Leak of Over 91 Million Accounts on Darkweb

Tokopedia is an Indonesian technology company specializing in e-commerce. It was founded in 2009 by William Tanuwijaya and Leontinus Alpha Edison. With over 4200 employees, Tokopedia has managed to enable over 90 million active users every month. It is an Indonesian unicorn along with ride-hailing company Gojek, travel service firm Traveloka, e-commerce Bukalapak, and fintech company OVO. In 2019, according to a report by iPrice Group, Tokopedia was the most visited e-commerce website on the desktop in Indonesia between July and September with a total of 65,953,400 average monthly visits, securing 25 percent of the total market share.

Recently, the Cyble Research Team noticed Tokopedia being hacked by professional hackers, which made them get hold of the personal and login details of over 91 million users. Along with it, the hackers have put those records on the darkweb market for sale for 4000 USD. Below is the snapshot of the sale post on the Empire Darkweb Market. Apart from it, Cyble one of the growing data breach monitoring and cybersecurity intelligence firm discovered a hacker offering the account information for 15 million Tokopedia users on an online hacking forum.

Sale post on the Darkweb Market

Bleeping Computer a well-known information security and technology news publication was being created in the year 2004. In their recent news posts, they stated how the cybersecurity intelligence firm Cyble reported them about the threat actors who claim to be selling a list of millions of Tokopedia usernames and their associated de-hashed, or cracked, passwords for just $8,000. Along with that, Cyble has stated that they acquired the Tokopedia database and users can check if their account has been exposed via Cyble’s data breach monitoring platform amibreached.com.

All Tokopedia users should make the assumption that if their passwords is not de-hashed already, it may be in the future, and should immediately change their password to a unique one only used at that site.

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.

Leave a Comment

Your email address will not be published.

%d bloggers like this: