TheJakartaPost

Please Update your browser

Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.

Jakarta Post

E-commerce platform Bhinneka.com reported to be latest target of data theft

  • News Desk

    The Jakarta Post

Jakarta   /   Wed, May 13, 2020   /   02:07 pm
E-commerce platform Bhinneka.com reported to be latest target of data theft Consumer electronics e-commerce platform Bhinneka.com may have become the latest target of data theft. (Shutterstock/File)

Consumer electronics e-commerce platform Bhinneka.com may have become the latest target of data theft following reports of two similar cases concerning e-commerce platforms Tokopedia and Bukalapak earlier this month.

The data of up to 1.2 million Bhinneka.com users is reportedly being sold on the dark web for US$1,200 by a hacker group called ShinyHunters. The group is believed to be the same cybercrime organization responsible for the reported Tokopedia and Bukalapak data breaches.

Read also: Tokopedia appoints independent cybersecurity company to investigate data theft

ShinyHunter is said to have the data of 73.2 million users from 10 digital companies, including Bhinneka.com. The entire collection of data is being sold for $18,000, Kompas.com reported.

“We are currently investigating our internal system with the National Cyber and Encryption Agency (BSSN) in regard to the alleged data breach,” said Bhinneka.com chief of commercial and omnichannel Vensia Tjhin in a statement on Tuesday.

She added that Bhinneka.com implemented a global data security standard called TUV Rheinland's Payment Card Industry Data Security Standard (PCI DSS) to protect its customers.

Customers’ passwords in the database were always encrypted, she said, adding that the company did not store credit or debit card data or electronic money and other digital goods data.

“However, it is best for our customers to change their passwords as a preventive measure,” Vensia said.

Read also: Tokopedia data breach exposes vulnerability of personal data

The reported cyberattack on Bhinneka.com is the third reported data theft attempt on a homegrown e-commerce platform in recent weeks, at a time when online shopping has become more essential amid the COVID-19 pandemic.

The data of 91 million and 13 million users of Tokopedia and Bukalapak, respectively, was also reportedly being sold on the dark web.

Tokopedia CEO William Tanuwijaya wrote a letter to the platform's users on Tuesday, more than a week after reports of the data breach first circulated, explaining that the company became aware of the data theft on May 2. Meanwhile, Bukalapak has denied reports of a data breach, maintaining its customers data was safe. (eyc)