E-commerce again gets attacked, now 1.2 million Bhinneka customer data reportedly hacked

Last updated on May 7th, 2021 at 08:38 am

Not long ago Tokopedia experienced a hacking case on user data. Now it is Bhinneka’s e-commerce turn to experience it.

Reportedly 1.2 million Bhinneka customer data was hacked. The hacking was allegedly carried out by a group called ShinyHunters who would sell it to the dark web.

Responding to this, Bhinneka Group Head of Communication & Public Relations Astrid Warsito said, the company apologized for the inconvenience and the possibility of concerns arising in connection with reporting the hacking of its platform user account data.

Astrid said the online shopping site company is investigating the veracity of breaking news on user data. “Until now, we are also investigating the internal system of Bhinneka in connection with these allegations,” Astrid said when contacted by Antara in Jakarta, Sunday, May 10.

She further said that the safety and comfort of customers when shopping at Bhinneka.com is always a priority. He also said that Bhinneka had implemented TUV Rheinland’s PCI DSS (Payment Card Industry Data Security Standard) global security standards to protect customers.

Nevertheless, Astrid urges customers to immediately change passwords as a precautionary measure.

Bhinneka also confirmed that the customer’s password in the database is always encrypted, and does not store credit or debit card data. All payment data directly connected to the payment gateway. In addition, there is no electronic money or other digital goods whose data is stored in the Bhinneka system.

The following steps can be taken by customers to make it safer to shop online:

1. Change passwords regularly

2. Don’t use the same password for various services

3. Use a different email for online transaction activities

4. Use strong passwords: minimum 8 (eight) characters, upper and lower case combinations, number combinations, don’t use identities or information related to yourself, and symbol combinations, Example: Bh1nnek @ 123

Astrid said customers who want to change their password can follow the guidelines at https://www.bhinneka.com/member/account

The hacker group called ShinyHunters has reportedly broken into 73 million user data in ten companies and sold them on the dark web market for the US$ 18 thousand. Quoted from ZDNet, Sunday, ShyniHunters is the same group that hacked Tokopedia last week.

Also quoted from ZDNet, ShinyHunters is known to have distributed samples from several hacked databases. Besides Bhinneka, here are some of the companies that were reported to have been hacked by ShinyHunters, namely Zoosk: 30 million users; Chatbooks: 15 million users; SocialShare: 6 million users; Home Chef: 8 million users; Minted: 5 million users; Chronicle of Higher Education: 3 million users; GGuMim: 2 million users; Mindful: 2 million users; StarTribune 1 million users.