Tokopedia notifies authorities of third party over data breach

Tokopedia notifies authorities of third party over data breach

Tokopedia logo display. ANTARA/HO-Tokopedia/am.

We have reported the case to the police, and we also remind all parties to erase any information that could facilitate access to the data collected through measures that break the law
Jakarta (ANTARA) - Indonesian e-commerce platform Tokopedia reported to the authorities about a third party in connection with the alleged data leak of 91 million of its users and uploading them on social media.

"We have reported the case to the police, and we also remind all parties to erase any information that could facilitate access to the data collected through measures that break the law," Tokopedia's VP of Corporate Communications, Nuraini Razak, noted in a statement received here, Monday.

A cybersecurity group on Facebook had earlier uploaded a link that led to the data of 91 million Tokopedia users being leaked for free.

Related news: Indonesia in urgent need of law on personal data protection

Cybersecurity expert from CISSREC, Pratama Persadha, followed the link and found that it originated from Raidforums, and the uploading account admitted to having bought data of the millions of users from the dark web for US$5,000.

Tokopedia clarified that the case was not an attempt to steal new data. The company, listed as one of Indonesia's unicorn start-ups, also admitted to being sentient of the upload on social media.

"We would like to stress that this was not an attempt to steal new data and that Tokopedia users' password information remain safe and protected behind encryption," Razak emphasized.

Back in May, Tokopedia was encumbered by security issues, as data of millions of their users were reportedly stolen by hackers.

During the time, the company confirmed the incident, although it ensured that vital information remained protected.

The company had coordinated with the government to address the issue and has regularly kept its users abreast of information, including that pertaining to measures to safeguard confidential information.
Related news: KPU checks data server security after personal data breach claim

Related news: KKI sues Tokopedia, Communication Ministry over data breach

 

EDITED BY INE
 

Comments