Bhinneka, one of Indonesia’s largest online stores, suffers data breach.
The breach was discovered when a hacker dump the site’s database online making them freely available to anyone. It has emerged that the initial hack took place on 27 January 2020 and it involved downloadable folders containing 2 SQL files of 1,262,300 accounts.
The database includes the users’ unique IDs, full names, email addresses, gender, contact numbers, passwords, addresses, and social media ID’s. It also contained log details and classification of whether the user is an admin or a staff member.
A similar incident took place in May 2020 when the data of 91 million users of Tokopedia, another large Indonesian store, was listed for sale for a mere $5,000 by ShinyHunters hackers.
Bhinneka users are advised to immediately reset their account passwords and look out for any phishing emails that any malicious actor who accesses the data can plan to engage in.