Tokopedia Hack Attempt: Millions of User Data on the Dark Net
Tokopedia, Indonesia’s biggest online marketplace, just dropped a bomb on its users: a hacker claims to hold the personal details of 91 million shoppers—yes, a full‑fledged data vault that’s now up for grabs on the Darknet.
What We Know
- The claim: The hacker says they nabbed names, emails and birthdays for 15 million users in a March 2020 breach, and now they’re offering a whole 91 million‑record database for $5,000.
- Tokopedia’s response: “We’re on it,” the company said. They’re investigating, but passwords haven’t slipped out—those stay locked behind encryption.
- China‑backed funding: With $2 billion from heavyweights like SoftBank’s Vision Fund and Alibaba, Tokopedia boasts over 90 million monthly active users.
- Security advice: If you used the same password for multiple sites, now’s the perfect time to change it.
The Hacker’s Post
The data‑breach watchdog Under the Breach shared screenshots showing the snarky plea for help: “Can we crack your passwords?” and an update that the full database is now on sale, shot straight out of the hacker’s “offer” thread.
Why This Matters
Imagine a digital “reach‑in‑the‑crow” kind of hack—people across Indonesia, all subscribing to a single e‑commerce platform, having their personal info teetering in the hands of a rogue coder. Passwords are supposed to be the fortress, but the rest of the data? Well, it’s more like a pantry full of goodies you wouldn’t want to serve to strangers.
What To Do Next
1. Reset passwords on Tokopedia and any other sites where you reuse the same credentials.
Tokopedia’s Footnote
While the company declined to comment on the specifics of the screenshots, they highlighted their active investigation and commitment to user safety. They’re working hard to confirm the breach’s scope and how best to protect their community.
