Tokopedia

Tokopedia, Indonesia's largest online store experienced a data breach that compromised the details of 15 million users registered on it.

A small part of the site's entire user database was obtained in the hack.

The hacker shared a file having a PostgreSQL database dump, containing user information such as full names, emails, phone numbers, hashed passwords, dates of birth, and Tokopedia profile-related details (account creation date, last login, email activation codes, password reset codes, location details, messenger IDs, hobbies, education, about-me fields, and lots more).

the hacker leaked the data saying that someone could help crack the user passwords, and access user accounts.

Source: https://www.zdnet.com/article/hacker-leaks-15-million-records-from-tokopedia-indonesias-largest-online-store/

TPRM report: https://scoringcyber.rankiteo.com/company/pt--tokopedia

"id": "tok12641222",
"linkid": "pt--tokopedia",
"type": "Breach",
"date": "05/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 15000000,
                        'industry': 'Retail',
                        'location': 'Indonesia',
                        'name': 'Tokopedia',
                        'type': 'E-commerce'}],
 'data_breach': {'data_encryption': 'Hashed passwords',
                 'data_exfiltration': True,
                 'file_types_exposed': 'PostgreSQL database dump',
                 'number_of_records_exposed': 15000000,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Profile Details']},
 'description': "Tokopedia, Indonesia's largest online store experienced a "
                'data breach that compromised the details of 15 million users '
                "registered on it. A small part of the site's entire user "
                'database was obtained in the hack. The hacker shared a file '
                'having a PostgreSQL database dump, containing user '
                'information such as full names, emails, phone numbers, hashed '
                'passwords, dates of birth, and Tokopedia profile-related '
                'details (account creation date, last login, email activation '
                'codes, password reset codes, location details, messenger IDs, '
                'hobbies, education, about-me fields, and lots more). The '
                'hacker leaked the data saying that someone could help crack '
                'the user passwords, and access user accounts.',
 'impact': {'data_compromised': ['Full names',
                                 'Emails',
                                 'Phone numbers',
                                 'Hashed passwords',
                                 'Dates of birth',
                                 'Account creation date',
                                 'Last login',
                                 'Email activation codes',
                                 'Password reset codes',
                                 'Location details',
                                 'Messenger IDs',
                                 'Hobbies',
                                 'Education',
                                 'About-me fields']},
 'motivation': 'Unauthorized access to user accounts',
 'title': 'Tokopedia Data Breach',
 'type': 'Data Breach'}

Tokopedia

Israeli Infrastructure

Anthropic

Kelly Benefits