JAKARTA (RambuEnergy) – Indonesian e-commerce players could be in crisis if they failed to apply stringent cybersecurity system. Therefore, more serious efforts are needed to safeguard e-commerce customers database from the attack of international hackers, experts say.
As reported by The Hacker News, an international hacker, name Gnosticplayers, has put 26.42 million user records for sale on the dark web Dream Market in which nearly half of it is the users of an Indonesia’s major e-commerce player Bukalapak and an Indonesian student career site YouthManual.
The hacker put up for sale 13 million of Bukalapak users and 1.12 million YouthManual.com users. The other users that were up for sale were users of GameSalad (1.5 million), Estante Virtual, a Brazilian book shop (5.54 million), schedule software Coubic and LifeBear (Japanese scheduling app) totalling 3.86 million users.
Previously, the same hacker believed to be from Pakistan, has sold details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds, originating from 6 other sites for sale on the dark web.
Bukalapak has denied reports that its users’ data has been compromised.
However, the company said, “there was indeed an attempt to hack Bukalapak some time ago, but there was no important data such as user passwords, financials, or other personal info that was successfully obtained.”
The Hacker News cited the hacker, in response to Bukalapak’s denial, “They talk about an attempted breach a year ago, but there was another one new. Bukalapak just doesn’t want to acknowledge the breach to avoid GDPR fines. You can check the sample I provided on the dream market, all of them are real.”
The Hacker News added, “a Bukalapak employee reached out to The Hacker News and asked to remove the company’s name from the report. Also tried to sell a theory that 13 million records, which hacker is selling on the dark web, could be the publicly available data of sellers not of buyers on its e-commerce.”
Ardi Sutedja K, Chairman and Founder of Indonesia Cyber Security Forum (ICSF) told RambuEnergy that the Bukalapak case sends alarm bells to the Indonesian e-commerce industry. “This is a bad example that shows unreadiness of our e-commerce platforms in facing a crisis,” Ardi Sutedja said.
“What has been done by Bukalapak is like trying to cure the wounded victim after hitting by train with betadine,” Ardi Sutedja said.
He, therefore, called on the e-commerce players to seek advice from international experts that have deep knowledge on crisis management and digital economy. (*)
Written by Roffie Kurniawan