Bukalapak.com

High Impact

1 March 2019

•

12,957,568 records affected

•

Dehashed

Search on Google

Description

In March 2019, Bukalapak, an Indonesian e-commerce website, identified a security breach where attackers accessed the company's backup data from October 2017. The breach exposed around 13 million records, including email addresses, IP addresses, names, and passwords stored as bcrypt and salted SHA-512 hashes.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity