Lazada suffers data breach, 1.1 million RedMart accounts compromised and put up for sale
Image credit: Pixabay

Singapore-based Lazada group was a victim of a data breach on October 29, which was confirmed on the next day. On a routine systems check, the company discovered that 1.1 million RedMart accounts had been compromised. The data from these accounts that were leaked involved names, phone numbers, e-mail, mailing addresses, encrypted passwords and partial credit card numbers.

Lazada, an e-commerce company owned by the prolific Alibaba Group, discovered an anonymous individual who claimed to be in possession of leaked data from a legacy RedMart database. However, a spokesperson for the company said that this database was “no longer in use”. Moreover, the leaked database was reportedly last updated in 2019 and has no links to Lazada.

“We have taken immediate action to block unauthorised access to the database,” the Lazada spokesperson said.”Protecting the data and privacy of our customers is a top priority, and we are working swiftly to resolve this.”

Counteroffensive measures

Lazada immediately logged out all existing users from their accounts. Following this, the company asked the users to change their passwords when they logged in next. 

In a notification email, Lazada alerted its customers that it had discovered the security breach and was working actively to curb it. “For the avoidance of doubt, Lazada’s current customer data is not affected by this incident,” the email clarified. 

The company also advised customers to be alert on the prospect of phishing scams. Characteristically, hackers impersonate popular companies to exfiltrate user credentials.  Lazada has contacted the Personal Data Protection Commission (PDPC) of the breach, and an investigation is in progress. 

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Donald Trump fires cybersecurity chief Chris Krebs after he debunked voter fraud theories

Late Tuesday evening, President Donald Trump fired the chief of the CISA…

New Crypto regulations in Malaysia come into effect

The Malaysian Securities Commission (SC) announced that newly amended regulations on cryptocurrency…

71% increase in ransomware attacks in healthcare sector in October 2020

Following the joint advisory issued by three federal agencies, CheckPoint Security published…